Re: Where are Windows "Enforce password history" passwords stored?

From: Jean-Baptiste Marchand (jbm.lists@gmail.com)
Date: Tue Aug 30 2005 - 03:29:36 EDT

• Next message: James Leighe: "Re: Where are Windows "Enforce password history" passwords stored?"
• Previous message: George Hedfors: "Re: Pen-testing the HP Non-stop platform."
• In reply to: Charles Gillman: "Where are Windows "Enforce password history" passwords stored?"
• Next in thread: James Leighe: "Re: Where are Windows "Enforce password history" passwords stored?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

* Charles Gillman <charles.gillman@gmail.com> [30/08/05 - 09:17]:

> Can anyone tell me where the "remembered" passwords are stored when
> the "Enforce password history" is set in Group Policy?
>
> If this setting is set to its maximum value of 24 then I would expect
> 24 password hashes are stored for each account for the setting to
> work. But where?
>
> More importantly are there any tools/techniques for accessing the
> "remembered" passwords?

pwhist from the ToolCrypt group:

        http://www.toolcrypt.org/tools/pwhist/index.html

See also trashpwhist to clear hashes history:

        http://www.toolcrypt.org/tools/trashpwhist/index.html

If I remember correctly, Cain's password module can also optionally
recover hashes history:

        http://www.oxid.it/cain.html

Jean-Baptiste Marchand

• Next message: James Leighe: "Re: Where are Windows "Enforce password history" passwords stored?"
• Previous message: George Hedfors: "Re: Pen-testing the HP Non-stop platform."
• In reply to: Charles Gillman: "Where are Windows "Enforce password history" passwords stored?"
• Next in thread: James Leighe: "Re: Where are Windows "Enforce password history" passwords stored?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:48 EDT