How does Windows 7 store passwords for things?

I somehow managed to get locked out of my Windows Live account. Password recovery does not work (I chose a stupid secret question) and they are asking me to provide some information about my account but being very un-friggin helpful about it.

They seem only interested in my messenger contacts and hotmail emails despite me hardly using either. I provided loads of detailed information about Live Mesh (because that’s what I use mainly) but that’s not enough apparently.

So I was thinking perhaps if I could recover my password from another machine then I could tell them what it was – might make them reconsider. It was stored on my other machines in the live mesh login client and in windows messenger.. and probably in Google Chrome as well.

Any idea how to recover them? I’m thinking they’ll be encoded somewhere and I can use a brute force attack to crack the encoded text. I have account access to all the machines that it’d be stored on.

There’s programmes out there for this but it’s up to you if you trust them.

I’d rather get hold of the encrypted text strings myself then crack them in isolation than have some software dig around on its own.

If you have machines that can log in, why not log in, get info on your messenger contacts and hotmail emails ,then get back in touch with MS now you have the info they want to unlock things?

How did you plan to “crack them yourself”? There are so many reasons I can think that this won’t work I can’t be bothered to type them all! It’s relatively trivial to hash a password into an encoded string, but the reverse is not true. Indeed that’s the point. Or was your plan to (somehow) replicate the password hash function and brute force some possible passwords you might have used in an attempt to get a hash collision? But then you need to know how the function… etc.

Use a mac

you have machines that can log in, why not log in, get info on your messenger contacts and hotmail emails ,then get back in touch with MS now you have the info they want to unlock things?

But there’s a hole in my bucket! (ie the account’s locked – if I could log in then there’d be no trouble!)

It’s relatively trivial to hash a password into an encoded string, but the reverse is not true

Well I believe it’s quite possible to use brute force to crack a password extracted from a unix password file using software and modern computing power. I assumed the algorithms would be widely known for Windows also.

Molgrips later tonight

Wow, that’s how it’s done? Ace, thanks Drac. You’re l33t.

Use a mac

How does using a raincoat help?

I assumed the algorithms would be widely known for Windows also.

This could be a rash assumption. It may be that the password itself is not stored, but rather an authenticated logon token for the services in question. But you can look that up and find that out yourself.

Indeed if you can’t logon with this saved info, that implies the above? Otherwise how does recovering your password help you? Actually I guess MS support folks might have a non-locked interface where they can check a pw supplied by you matches the hashed password they have stored for you.

I believe it’s quite possible

You need to work on the answer to this part before anything else. I’d expect it to be very hard. (that’s not a naive assumption, cryptology isn’t my field, nor is windows security, but my doctorate is in computer science so I’m more clued up than most).

Indeed if you can’t logon with this saved info, that implies the above?

It implies that my account is locked. Attempting a login with the correct info doesn’t work.

but my doctorate is in computer science so I’m more clued up than most

You don’t sound any more clued up than me tho 😉

I think you’ll spend less time sorting this by persisting with the beuracracy of getting it reset over the phone than trying to reverse engineer the password.

This is Microsoft, so your password is probably stored in clear text somewhere on a Russian web server along with your DoB and credit card details…..

correct me if I am wrong but isn’t Windows Live a web service? Which would mean there is no password stored on your computer?

I think you’ll spend less time sorting this by persisting with the beuracracy of getting it reset over the phone

Yeah but the issue is I cannot supply the information they are asking for.

Which would mean there is no password stored on your computer?

When you click the ‘remember my password’ button it gets stored in some kind of password vault on your PC, I seem to remember reading. Or rather, it DOES get stored on your PC – I seem to remember reading it was at one point laughably easy to recover these since they were stored in a file called passwords.txt in your profile or something silly.

You don’t sound any more clued up than me tho

True, I’m just making assumptions as well. But I do know a bit about how password hashing functions are designed, and the difficulty of trying to brute force them. So I think this is the bit you need to focus on, but it’s the part you’re being vague on.

Do you have no way of getting some idea what your msn contacts/emails are? This seems like an easier way to regain access. You’ve never set up a mail-client for access, or email forwarding, and so are able to recover this info that way? Or use MSN with a client which probably stores chat transcripts? These are less likely to be encrypted and could get the info you need. A chat client may also store an offline buddy list, which might be easier to access than a password?

molgrips – I still think it’s worth persisting on the phone – escalate it or offer an alternative means of identifying yourself to them?

Do you have no way of getting some idea what your msn contacts/emails are?

Would I be posting this crazy talk if I did?

The email they sent asked for ways to identify yourself SUCH AS hotmail folders, msn contacts, recent emails and that kind of thing.

I sent them absolutely everything I could think of which wasn’t a lot since I hardly ever use messenger now and only use hotmail for an alternative paypal account and things that might spam me.

It’s microsoft so it’s a trivial matter.

Molgrips, I’m assuming you mean the autocomplete used to fill in the password for you?
If so then IE Pass view will do the job very quickly and easily
http://www.nirsoft.net/utils/internet_explorer_password.html

Edit: Aah, I’ve read now that you use chrome. The above will only work if you use IE to access the service.

I may have used IE also, will try it cheers 🙂

But also the dedicated clients for live mesh and live messenger…

Wow, that’s how it’s done? Ace, thanks Drac. You’re l33t.

I’ve watched enough films now to know how to hack, sadly I don’t think I’m typing fast enough as never had any luck.

I’ve never used it but there is a “Live Messenger password recovery tool” at the top of a google listing for just that. If you do use it, I would change it immediately afterwards, you never know what some of these free tools leak out.

The problem with microsoft is that their hashing algorithms are not only very weak but also very well known. There are so many tools that can easily and quickly reverse the hashing, mainly because of the way windows handles encryption. (i.e. badly)

Lots of systems still use very poor hashing algorithms that simply haven’t stood up to the test of time and quick brute forcing is now possible against all but the strongest. And as discussed earlier, if your own computer isn’t beefy enough, no problem, get yourself onto the internet and a nice company will apply their cpu array to it and have it back to you in no time for a nominal fee.

Drac, you need to look like this

this,

or this…

To be a good hacker. I’ve watched hacking films too.

If I looked like that I wouldn’t be using my fing………

Best stop there.

LMAO @ molgrips even considering an attempt at DIY cracking.

Change your name to “Zero Cool” !

TBH,

The days of cracking Hotmail with a broken biscuit are long gone.

You might have some luck with things like Snadboy’s Revelation tool for displaying ****** passwords, though I’ve not used such things in many years now so what it’d make of Windows 7 I can only guess.

Hacking outside of your local machine, forget it.

This is purely my local machine.

Disclaimer – I know nothing about Windows LIve, but if you’ve used Firefox to access it and clicked remember me, then the password will be saved in Saved Passwords bit of the program settings.

Doesn’t chrome have something similar?