How are Windows passwords handled?

I'm looking for good information about how Windows handles the passwords of its users:

  • Which algorithms are used (which hash, do they use salt, ...)?
  • Where are the passwords stored?
  • Are there known exploits?

Especially interesting are Windows XP, Vista and 7.

I was not able to find useful information with Google; most pages talk about resetting or cracking tools, but I'm interested in the theory.


Which algorithms are used (which hash, do they use salt, ...)

Two hashes are stored: LM hash for LanMan, and a MD4 hash (also called "NT hash") for NTLM.

Only the MD4 hash is normally used. It is not salted, since the SAM database is only accessible to the Administrators group and to the NT AUTHORITY\SYSTEM internal account.

The LM hash is only stored for compatibility reasons. (See paragraph below.) It is very insecure (its history starts with OS/2 and MS-DOS), and crackable in (I think) minutes. Windows only uses it when logging in to old servers; however, if stored it can be extracted with a LiveCD or such.

In Windows 7, storing of LM hashes is disabled. In earlier releases you can disable it manually in security policies (secpol.msc → Local Policies → Security Options → Network Security: Do not store LAN Manager hash).


Where are the passwords stored?

Security Accounts Manager database - a part of the Registry, stored under %SystemRoot%\system32\config\.

Since Windows 2000, the SAM database is additionally encrypted by default. <afaik> The key is scattered all over the (same) registry file, but is still recoverable. </afaik> But if you want, you can move the encryption key to a floppy drive, or use an additional password. (You will be asked for it on boot.) This is done using SYSKEY (syskey.exe).

(SYSKEY support was added in NT 4.0 SP3, but disabled by default until W2000.)


Are there known exploits?

Cracking LM hashes? More than you can imagine. MD4 seems to be more secure, but be sure to read that Wikipedia article.


On the Windows 9x series - don't expect anything better than ROT26.
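To make the "MD4, unsalted" point from the answer concrete, here is an added worked example (my code, not part of the question or answer above). It implements MD4 in pure Python so it runs without OpenSSL's legacy provider, computes the NT hash the way Windows does (MD4 over the UTF-16LE encoding of the password, a detail the answer does not spell out), and shows the consequence of having no salt: every account that shares a password shares a hash, which a defender auditing a SAM dump can see without cracking anything. The account list is constructed for the demo, and the salted PBKDF2 digest at the end is a contrast case, not a Windows format.

```python
import hashlib
import os
import struct

MASK = 0xFFFFFFFF


def _rotl(x, n):
    """Rotate a 32-bit word left by n bits."""
    return ((x << n) | (x >> (32 - n))) & MASK


def _md4_round(f, const, order, shifts, state, X):
    """One MD4 round: 16 steps, each rewriting one word of the state in place.

    Step i rewrites state[(-i) % 4], i.e. a, d, c, b, a, ... as in RFC 1320,
    and feeds the other three words to the round function in rotated order.
    """
    for i, k in enumerate(order):
        t = (-i) % 4
        x, y, z = state[(t + 1) % 4], state[(t + 2) % 4], state[(t + 3) % 4]
        state[t] = _rotl((state[t] + f(x, y, z) + X[k] + const) & MASK, shifts[i % 4])


def md4(data: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320); hashlib's md4 is often unavailable with OpenSSL 3."""
    h = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    # Padding: 0x80, zeros to 56 mod 64, then the 64-bit little-endian bit length.
    msg = bytearray(data) + b"\x80"
    while len(msg) % 64 != 56:
        msg.append(0)
    msg += struct.pack("<Q", (8 * len(data)) & 0xFFFFFFFFFFFFFFFF)

    F = lambda x, y, z: (x & y) | (~x & z)
    G = lambda x, y, z: (x & y) | (x & z) | (y & z)
    H = lambda x, y, z: x ^ y ^ z

    for off in range(0, len(msg), 64):
        X = list(struct.unpack("<16I", msg[off:off + 64]))
        s = list(h)
        _md4_round(F, 0x00000000, range(16), (3, 7, 11, 19), s, X)
        _md4_round(G, 0x5A827999, [0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15], (3, 5, 9, 13), s, X)
        _md4_round(H, 0x6ED9EBA1, [0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15], (3, 9, 11, 15), s, X)
        h = [(a + b) & MASK for a, b in zip(h, s)]
    return struct.pack("<4I", *h)


def nt_hash(password: str) -> str:
    """NT hash: MD4 over the UTF-16LE password. No salt, no iteration count."""
    return md4(password.encode("utf-16-le")).hex()


def duplicate_password_groups(accounts: dict) -> dict:
    """Group account names by NT hash (hash -> users), keeping only groups of size > 1.

    With no salt, equal passwords give equal hashes, so shared passwords are
    visible in a SAM dump by simple comparison.
    """
    groups = {}
    for user, pw in accounts.items():
        groups.setdefault(nt_hash(pw), []).append(user)
    return {h: users for h, users in groups.items() if len(users) > 1}


def salted_hash(password: str, salt: bytes, iterations: int = 100_000) -> str:
    """Contrast case (not a Windows format): salted, iterated PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations).hex()


# Constructed sample accounts; alice and bob happen to share a password.
SAMPLE_ACCOUNTS = {"alice": "Winter2010", "bob": "Winter2010", "carol": "correct horse"}

if __name__ == "__main__":
    print("NT hash of 'password':", nt_hash("password"))
    print("accounts sharing a hash:", duplicate_password_groups(SAMPLE_ACCOUNTS))
    s1, s2 = os.urandom(16), os.urandom(16)
    print("salted digests of the same password differ:",
          salted_hash("Winter2010", s1) != salted_hash("Winter2010", s2))
```

The `md4` test vectors come from RFC 1320, and `8846f7eaee8fb117ad06bdd830b7586c` is the well-known NT hash of the string "password"; if either disagrees on your machine, the implementation, not Windows, is what is broken.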