Guest simple_user Posted July 18, 2007

Hi there,

I was trying to change the way of automatic logon. I wrote a simple executable using LSA to set the password with LsaStorePrivateData(). Then I deleted the registry key value ‘DefaultPassword’. I restarted the PC (Windows XP installed) but it didn’t get through – it shows the log-on dialog and I have to enter the password manually.

I thought that Winlogon should be able to retrieve the ‘secret’ password and not look for the ‘DefaultPassword’ value.

Am I missing something here? Are any additional steps needed?

Regards,

Guest S. Pidgorny Posted July 18, 2007

I think automatic logon is designed to require the DefaultPassword value. Therefore LSA private data won't help, as there is no setting that allows the system to use it for automatic logon (AFAIK).

What are you trying to achieve with this?

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

"simple_user" <simpleuser@discussions.microsoft.com> wrote in message news:0503FFFA-B921-41A0-BCE0-5B8D3607BFA3@microsoft.com...
> Hi there,
> I was trying to change the way of automatic logon.
> I wrote simple executable using LSA to set password by LsaStorePrivateData
> (). Then I deleted reg.key value 'DefaultPassword'
> I restarted PC (WindowsXP installed) but it didn't get through - it show
> log-on dialog and I have to enter password manually.
> I thought that Winlogon should be able to retrieve 'secret' password and
> not
> to look for 'DefaultPassword' value.
> Do I missing something here? Any additional steps needs?
>
> Regards,
>

Guest simple_user Posted July 18, 2007

"S. Pidgorny <MVP>" wrote:
> I think automatic logon is designed to require the DefaultPassword value.
> Therefore LSA private data won't help, as there is no setting that allow
> system to use it for automatic logon (AFAIK).
>
> What are you trying to achieve with this?
>
> --
> Svyatoslav Pidgorny, MS MVP - Security, MCSE
> -= F1 is the key =-
>
> * http://sl.mvps.org * http://msmvps.com/blogs/sp *
>
> "simple_user" <simpleuser@discussions.microsoft.com> wrote in message
> news:0503FFFA-B921-41A0-BCE0-5B8D3607BFA3@microsoft.com...
> > Hi there,
> > I was trying to change the way of automatic logon.
> > I wrote simple executable using LSA to set password by LsaStorePrivateData
> > (). Then I deleted reg.key value 'DefaultPassword'
> > I restarted PC (WindowsXP installed) but it didn't get through - it show
> > log-on dialog and I have to enter password manually.
> > I thought that Winlogon should be able to retrieve 'secret' password and
> > not
> > to look for 'DefaultPassword' value.
> > Do I missing something here? Any additional steps needs?
> >
> > Regards,
> >

Hi,

Idea is to protect automatic logon password. There is the article (http://msdn2.microsoft.com/en-us/library/aa378826.aspx), which talks about it.

What I was trying to achieve is to remove plain text (DefaultPassword) from the registry that it can’t be seen. But at this point I’m not sure what exactly my steps should be in order to do that (trying to find more articles, so far not so good). I might be wrong but it could be that I have to write custom dll in order to perform auto logon.

Any ideas or pointing to some direction are welcome :)

Guest Ian Posted July 22, 2007

The LSA password is used if you set autologon by running the "control userpasswords2" applet. It is not used if you set autologon manually in the winlogon registry key.

Was looking into this for the next release of MyLogon, as I'd like to integrate the setup into one applet instead of referring the user to the Microsoft tool, as is presently done.

Having said that, the LSA is no longer secure, it has been cracked. Thus it is questionable whether it's worth the effort of setting an LSA password. Perhaps better just to make sure the autologon password is a throwaway one - one which is not also used for secure services.

Basically, no password stored in the registry is safe, even if encrypted, since it must be possible for the same computer to decrypt it by some means or other, and if the system can decrypt it, then in principle an Administrative user can too. The only safe stored password is a hashed one (which is not suitable for autologon purposes).

Password revealers: http://nirsoft.net/
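
An audit check for the situation discussed in this thread, added here as an example and not part of any poster's message: it reports whether a machine has autologon enabled and whether a plain-text DefaultPassword value sits in the Winlogon registry key, without printing the password. The function names and the sample values are assumptions made for the illustration; the key path and value names are the standard Winlogon ones.

```powershell
# Added example: classify the Winlogon autologon configuration.
$WinlogonKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

# Hypothetical helper: takes a hashtable of Winlogon value names -> data.
function Get-AutoLogonFinding {
    param([Parameter(Mandatory)] [hashtable] $Values)

    $enabled   = ($Values['AutoAdminLogon'] -eq '1')
    $plaintext = -not [string]::IsNullOrEmpty($Values['DefaultPassword'])

    $finding = if ($plaintext -and $enabled) {
        'Autologon enabled; DefaultPassword is readable in the registry'
    } elseif ($plaintext) {
        'Autologon disabled, but a stale DefaultPassword value remains'
    } elseif ($enabled) {
        'Autologon enabled; no plain-text DefaultPassword value present'
    } else {
        'Autologon disabled; no plain-text DefaultPassword value present'
    }

    # The password itself is never emitted, only its presence.
    [pscustomobject]@{
        User                = $Values['DefaultUserName']
        AutoLogonEnabled    = $enabled
        PlaintextInRegistry = $plaintext
        Finding             = $finding
    }
}

# Hypothetical helper: read only the values of interest from the live key.
function Read-WinlogonValues {
    $props = Get-ItemProperty -Path $WinlogonKey
    $found = @{}
    foreach ($name in 'AutoAdminLogon', 'DefaultUserName', 'DefaultPassword') {
        if ($props.PSObject.Properties.Name -contains $name) {
            $found[$name] = [string]$props.$name
        }
    }
    $found
}

# Constructed sample: autologon configured manually in the registry.
$sample = @{ AutoAdminLogon = '1'; DefaultUserName = 'kiosk'; DefaultPassword = 'constructed-value' }
Get-AutoLogonFinding -Values $sample

# Live check, only where the key exists (Windows).
if (Test-Path $WinlogonKey) { Get-AutoLogonFinding -Values (Read-WinlogonValues) }
```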