|
General Computer/Android Help, News & Info + New Technology Find All The Latest Reports/Reviews in Here. Start a New Thread in Here if You Need Help |
IMPORTANT ANNOUNCEMENT |
Hallo to All Members. As you can see we regularly Upgrade our Servers, (Sorry for any Downtime during this). We also have added more Forums to help you with many things and for you to enjoy. We now need you to help us to keep this site up and running. This site works at a loss every month and we appeal to you to donate what you can. If you would like to help us, then please just send a message to any Member of Staff for info on how to do this,,,, & Thank You for Being Members of this site. |
|
LinkBack | Thread Tools | Display Modes |
19-10-12, 01:07 | #1 |
Join Date: Feb 2011
Posts: 47,368
Thanks: 27,593
Thanked 14,456 Times in 10,262 Posts
|
Windows 8 Has Critical Security Flaw
First Critical Windows 8 Security Flaw: Logon Passwords Stored in Plain Text
Softpedia Decrypting a Windows 8 password is easy, says Passcape Microsoft says that Windows 8 is the most secure operating system ever, but the first critical security flaw has already been discovered. Passcape Software developers have discovered that Windows 8 stores user accounts passwords in plain text whenever the user switches to a picture password or a PIN. As you may know in case you’re a Windows 8 early adopter, the new operating system comes with two new authentication options, allowing users to log in via a picture password or a secure PIN. “The matter is that these two authentication methods are based on a regular user account. In other words, the user must first have created an account with a regular password and then optionally switch to PIN or picture password authentication. Notably that the original plain-text (!) password to the account also remains in the system,” Passcape wrote in a blog post. Passwords could, of course, be decrypted and Passcape says that some software solutions especially created in this regard have already been developed. “Once the user has switched to a new authentication method, his text password is encrypted using the AES algorithm and saved to protected Vault storage in the folder %SYSTEM_DIR%/config/systemprofile/AppData/Local/Microsoft/Vault/4BF4C442-9B8A-41A0-B380-DD4A704DDB28,” the software company explained. “The text password is not bound to the PIN or picture password; therefore, any user of the PC with the Administrator privileges can easily recover it (the encryption key is protected with system DPAPI).” Microsoft hasn’t yet commented on the matter, but we’ve contacted the Redmondians for an official statement, so we’ll keep you updated.
__________________
PUTIN TRUMP & Netanyahu Will Meet in HELL TRUMP WARNS; 'There'll Be a Bloodbath If I Don't Get Elected' PLEASE HELP THIS SITE..Click DONATE & Thanks to ALL Members of ... 1.. THIS SITE IS MORE THAN JUST WAREZ...& TO STOP SPAM-IF YOU WANT TO POST, YOUR FIRST POST MUST BE IN WELCOMES |
The Following User Says Thank You to Ladybbird For This Useful Post: | online24 (19-10-12) |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
Thread Tools | |
Display Modes | |
|
|