Windows Passwords - A Well Known Secret?

The choice of a secure password is a central aspect of IT Security and has been keeping users and administrators busy and on their toes for years now. Each year, the requirements that a secure password must fulfil get higher and higher. Similarly, the requirements to crack a password rise. It’s an eternal sort of arms race, if you want to call it that. Not only are length and complexity of the password of the utmost importance, but the one key factor is this: It should be secret. Therefore, passwords shouldn’t be written down anywhere and or saved anywhere in plaintext. In this Labs, we’ll look at the way Windows deals with passwords.This paper was written in 2014 as part of a research project at scip AG, Switzerland. It was initially published online at https://www.scip.ch/en/?labs.20140710 and is available in English and German. Providing our clients with innovative research for the information technology of the future is an essential part of our company culture