Sysinternals Homepage
Forum Home Forum Home > Windows Discussions > Development
  New Posts New Posts RSS Feed - AutoLogon Encryption System
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

AutoLogon Encryption System

 Post Reply Post Reply
Author
Message
Ocktopus View Drop Down
Newbie
Newbie
Avatar

Joined: 29 November 2017
Status: Offline
Points: 3
Post Options Post Options   Thanks (0) Thanks(0)   Quote Ocktopus Quote  Post ReplyReply Direct Link To This Post Topic: AutoLogon Encryption System
    Posted: 29 November 2017 at 11:03am
Hello,

I'm really interested into AutoLogon security utility and I would like to know which kind of encryption method is used to encrypt password in registry. I have tested the AutoLogon and inside the registry key WinLogon I found the username and the default domain but nothing concerning the password.

My question is then what kind of encryption has been used for the password encryption ?

Thanks in advance for your answers
Back to Top
sredna View Drop Down
Groupie
Groupie


Joined: 24 November 2016
Status: Offline
Points: 61
Post Options Post Options   Thanks (0) Thanks(0)   Quote sredna Quote  Post ReplyReply Direct Link To This Post Posted: 30 November 2017 at 12:22am
Older versions stored it in plain text.

MSDN tells you how the encryption works:

Quote
Note that if Winlogon cannot find a password stored by the LsaStorePrivateData function, it will use the DefaultPassword value of the Winlogon key (if it exists) for the automatic logon password.

Back to Top
Ocktopus View Drop Down
Newbie
Newbie
Avatar

Joined: 29 November 2017
Status: Offline
Points: 3
Post Options Post Options   Thanks (0) Thanks(0)   Quote Ocktopus Quote  Post ReplyReply Direct Link To This Post Posted: 30 November 2017 at 1:12pm
Do you mean that it's stored in plain text in the LSA and it's the only encryption provided ?
Back to Top
sredna View Drop Down
Groupie
Groupie


Joined: 24 November 2016
Status: Offline
Points: 61
Post Options Post Options   Thanks (0) Thanks(0)   Quote sredna Quote  Post ReplyReply Direct Link To This Post Posted: 30 November 2017 at 8:01pm
MSDN: 
Quote The data stored by the LsaStorePrivateData function is not absolutely protected. However, the data is encrypted before being stored, and the key has a DACL that allows only the creator and administrators to read the data.
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 11.06
Copyright ©2001-2016 Web Wiz Ltd.