BetaArchive Logo
Navigation Home Screenshots Image Uploader Server Info FTP Servers Wiki Forum RSS Feed Rules Please Donate
UP: 53d, 14h, 47m | CPU: 37% | MEM: 5719MB of 10612MB used
{The community for beta collectors}

Forum rules


Any off topic discussions should go in this forum. Post count is not increased by posting here.
FTP Access status is required to post in this forum. Find out how to get it


Post new topic Reply to topic  [ 17 posts ] 
Author Message
 PostPost subject: Extra password box (XP)        Posted: Mon May 25, 2009 7:17 pm 
Reply with quote
Staff
User avatar
Offline

Joined
Sun Apr 12, 2009 11:22 pm

Posts
703

Location
/dev/urandom

Favourite OS
W7x64, OSX
This is something that has been truly bugging me, for as long as I can remember. At the Windows XP login screen, there is a single password box.

What I want to know is if it is possible to have more than one password box. (IE two different passwords on the same login screen.) Anyone have any ideas?

_________________
Web developer, part-time moderator, full-time CSS wizard.


Top  Profile
 PostPost subject: Re: Extra password box (XP)        Posted: Mon May 25, 2009 8:04 pm 
Reply with quote
FTP Access
User avatar
Offline

Joined
Mon Aug 20, 2007 4:58 pm

Posts
274

Location
The Bermuda Triangle

Favourite OS
WFW 3.11/Win 98SE
you mean like a username box and a password box, hit ctrl-alt del twice at the login screen, I don't remember how to make it permenant though

_________________
Image


Top  Profile  YIM
 PostPost subject: Re: Extra password box (XP)        Posted: Mon May 25, 2009 9:02 pm 
Reply with quote
Staff
User avatar
Offline

Joined
Sun Apr 12, 2009 11:22 pm

Posts
703

Location
/dev/urandom

Favourite OS
W7x64, OSX
No, not that. Though that would be more secure...

I need two password boxes, really. I have two very strong passwords that would be nigh on unbreakable if used together. Maybe someone with some "mad skills" could re-write the login prompt. Maybe... Mrpijey?

_________________
Web developer, part-time moderator, full-time CSS wizard.


Top  Profile
 PostPost subject: Re: Extra password box (XP)        Posted: Mon May 25, 2009 9:18 pm 
Reply with quote
Donator
Offline

Joined
Sat Feb 24, 2007 4:14 pm

Posts
6612

Location
United Kingdom

Favourite OS
Server 2012 R2
Alpha-Critik wrote:
No, not that. Though that would be more secure...

I need two password boxes, really. I have two very strong passwords that would be nigh on unbreakable if used together. Maybe someone with some "mad skills" could re-write the login prompt. Maybe... Mrpijey?


No. And it wouldn't be unbreakable because the NT LM Hash negates the advantage of having a strong password thanks to the many brute-forcers (some GPU-Accelerated now I believe) and rainbow tables that would enable someone to help crack the password in a reasonable time.

_________________
BuildFeed - the ultimate collaborative NT build list - Windows Longhorn - a look at a defining Microsoft project


Top  Profile  WWW
 PostPost subject: Re: Extra password box (XP)        Posted: Mon May 25, 2009 9:26 pm 
Reply with quote
Donator
User avatar
Offline

Joined
Wed Aug 27, 2008 12:52 am

Posts
890

Location
United States

Favourite OS
Windows Server 2008 Standard
hounsell wrote:
No. And it wouldn't be unbreakable because the NT LM Hash negates the advantage of having a strong password thanks to the many brute-forcers (some GPU-Accelerated now I believe) and rainbow tables that would enable someone to help crack the password in a reasonable time.

I thought the NT LM Hashes were far more secure than the LM Hashes?

_________________
Image


Top  Profile
 PostPost subject: Re: Extra password box (XP)        Posted: Mon May 25, 2009 9:30 pm 
Reply with quote
Donator
Offline

Joined
Sat Feb 24, 2007 4:14 pm

Posts
6612

Location
United Kingdom

Favourite OS
Server 2012 R2
Thlump wrote:
hounsell wrote:
No. And it wouldn't be unbreakable because the NT LM Hash negates the advantage of having a strong password thanks to the many brute-forcers (some GPU-Accelerated now I believe) and rainbow tables that would enable someone to help crack the password in a reasonable time.

I thought the NT LM Hashes were far more secure than the LM Hashes?


Significantly more secure, yes, but still reasonably easily cracked.

The weakness in any password system is, providing the password is not obvious, the password system, rather than the password.

_________________
BuildFeed - the ultimate collaborative NT build list - Windows Longhorn - a look at a defining Microsoft project


Top  Profile  WWW
 PostPost subject: Re: Extra password box (XP)        Posted: Mon May 25, 2009 9:41 pm 
Reply with quote
FTP Access
User avatar
Offline

Joined
Wed Aug 30, 2006 10:06 pm

Posts
2393
You've been able to reset NT passwords with simple boot discs for years anyway, it is not something to rely on if you need real security - actually finding out the password and so being able to log on without the PC's owner suspecting something is up being much harder though, as said you need powerful cracking tools to be able to do that. As for changing the logon dialog to add a second password box, adding the box would be easy if you could find that dialog in a .dll file somewhere,, but the coding to make it work as a second password box could only be done by someone with the full source code for at least that part of Windows and able to recompile the relevant files. The standard Windows logon can have extra features like fingerprint recognition or smart cards added to it though if extra security is required.

_________________
Image


Top  Profile
 PostPost subject: Re: Extra password box (XP)        Posted: Mon May 25, 2009 10:41 pm 
Reply with quote
Donator
Offline

Joined
Mon Feb 25, 2008 3:57 am

Posts
429

Location
Greece

Favourite OS
Windows 7 Ultimate x64 SP1
I think that LM and NT LM hashes are not stored if password is more than 14 characters, but I'm not sure.
I usually use Ophcrack to find forgotten user passwords, it's a fast and reliable tool.
In their site
Code:
http://ophcrack.sourceforge.net/tables.php

they have rainbow tables available to buy for Vista which are 134,6GB!


Top  Profile
 PostPost subject: Re: Extra password box (XP)        Posted: Mon May 25, 2009 11:00 pm 
Reply with quote
Staff
User avatar
Offline

Joined
Sun Apr 12, 2009 11:22 pm

Posts
703

Location
/dev/urandom

Favourite OS
W7x64, OSX
Hacker?pcs wrote:
I think that LM and NT LM hashes are not stored if password is more than 14 characters, but I'm not sure.
I usually use Ophcrack to find forgotten user passwords, it's a fast and reliable tool.
In their site
Code:
http://ophcrack.sourceforge.net/tables.php

they have rainbow tables available to buy for Vista which are 134,6GB!


This is correct. Consequently, both my passwords exceed 14 characters in length, so Ophcrack is a no-go on my laptop. :P

Vista Ultimate R2 wrote:
As for changing the logon dialog to add a second password box, adding the box would be easy if you could find that dialog in a .dll file somewhere,, but the coding to make it work as a second password box could only be done by someone with the full source code for at least that part of Windows and able to recompile the relevant files.


That's why I want mrpijey to take a look at it for me if he has time. (Sitting and hoping :))

_________________
Web developer, part-time moderator, full-time CSS wizard.


Top  Profile
 PostPost subject: Re: Extra password box (XP)        Posted: Mon May 25, 2009 11:04 pm 
Reply with quote
FTP Access
User avatar
Offline

Joined
Wed Aug 30, 2006 10:06 pm

Posts
2393
Alpha-Critik wrote:
That's why I want mrpijey to take a look at it for me if he has time. (Sitting and hoping :))

Well even if he does work/has worked for MS, which I have noticed as an unconfirmed rumour here before, and even if he does have access to the Windows source code, which I suspect most people who work for MS don't, he'd probably get sacked if he started compiling special builds for people...

_________________
Image


Top  Profile
 PostPost subject: Re: Extra password box (XP)        Posted: Mon May 25, 2009 11:42 pm 
Reply with quote
Administrator
User avatar
Offline

Joined
Tue Feb 12, 2008 5:28 pm

Posts
7457
You don't need to have the source code to code for the authentication process. Do you think HP, Lenovo etc has the Windows source code when they code their biometric and smartcard solutions? There are many such solutions, everything from fingerprint, retina scanner to smartcard, bluetooth, wifi and all kinds of custom solutions. They all use the Windows API which is rather well documented. It's not easy to code against the security API:s, and some API:s are given only by a special license agreement, but it is possible, and I know this from personal experience as I have experimented some around it.

Microsoft employees don't get by default the access to Windows sources no. But as I've already explained, you don't need it. Windows has a very extensive API (Application Programming Interface) which you can do most stuff with. I suggest you look into that if you want to learn how to code efficiently against Windows components. Learn C++ while you're at it.

As for my relationship with Microsoft that's none of anyones business, nor do I have to confirm or deny anything.

_________________
Image
Official guidelines: The Definitive Guide to BetaArchive :: Abandonware
Tools: Alcohol120% (Portable)
Listings: BetaArchive Database (beta)
Channels: Discord :: Twitter


Top  Profile  WWW
 PostPost subject: Re: Extra password box (XP)        Posted: Mon May 25, 2009 11:57 pm 
Reply with quote
Donator
User avatar
Offline

Joined
Tue Aug 12, 2008 7:37 pm

Posts
2381

Location
United States
Alpha-Critik wrote:
I have two very strong passwords that would be nigh on unbreakable if used together. Maybe someone with some "mad skills" could re-write the login prompt. Maybe... Mrpijey?


Is it just my crazy logic or would it not be the same if you just merged the passwords into one?

If I am crazy above why not just put the other as a BIOS password?


Last edited by zamadatix on Tue May 26, 2009 12:17 am, edited 1 time in total.

Top  Profile
 PostPost subject: Re: Extra password box (XP)        Posted: Tue May 26, 2009 12:02 am 
Reply with quote
Donator
User avatar
Offline

Joined
Fri Aug 18, 2006 4:30 pm

Posts
1524

Favourite OS
Mac OS 9.2.2
Alpha-Critik wrote:
This is something that has been truly bugging me, for as long as I can remember. At the Windows XP login screen, there is a single password box.

What I want to know is if it is possible to have more than one password box. (IE two different passwords on the same login screen.) Anyone have any ideas?

What could you possibly have that would need any more than a simple password?

_________________
Image
Mozilla/5.0 (Macintosh; U; PPC; en-US; mimic; rv:9.3.2) Clecko/20120101 Classilla/CFM
"Stupid can opener! You killed my father, and now you've come back for me!"


Top  Profile
 PostPost subject: Re: Extra password box (XP)        Posted: Tue May 26, 2009 12:32 am 
Reply with quote
Staff
User avatar
Offline

Joined
Sun Apr 12, 2009 11:22 pm

Posts
703

Location
/dev/urandom

Favourite OS
W7x64, OSX
zamadatix wrote:
Alpha-Critik wrote:
I have two very strong passwords that would be nigh on unbreakable if used together. Maybe someone with some "mad skills" could re-write the login prompt. Maybe... Mrpijey?


Is it just my crazy logic or would it not be the same if you just merged the passwords into one?


Yes, but that only counts as having one password. Is getting two seperate passwords harder than getting just one? :D

Bender wrote:
What could you possibly have that would need any more than a simple password?


I just like the extra security. Don't ask why, it's just a trait I have.

_________________
Web developer, part-time moderator, full-time CSS wizard.


Top  Profile
 PostPost subject: Re: Extra password box (XP)        Posted: Tue May 26, 2009 12:44 am 
Reply with quote
Donator
User avatar
Offline

Joined
Tue Aug 12, 2008 7:37 pm

Posts
2381

Location
United States
Alpha-Critik wrote:
Yes, but that only counts as having one password. Is getting two seperate passwords harder than getting just one? :D


if the password was only 0-9 and a-z isn't it:
Code:
(digit1)^36*(digit2)^36*etc


So isn't "test" and "example" the same as "testexample"? (pretty sure on this... I hope)


Top  Profile
 PostPost subject: Re: Extra password box (XP)        Posted: Tue May 26, 2009 12:49 am 
Reply with quote
Staff
User avatar
Offline

Joined
Sun Apr 12, 2009 11:22 pm

Posts
703

Location
/dev/urandom

Favourite OS
W7x64, OSX
zamadatix wrote:
Alpha-Critik wrote:
Yes, but that only counts as having one password. Is getting two seperate passwords harder than getting just one? :D


if the password was only 0-9 and a-z isn't it:
Code:
(digit1)^36*(digit2)^36*etc


So isn't "test" and "example" the same as "testexample"? (pretty sure on this... I hope)


Quit mocking me! :D

Well no, the passwords include many special characters in them. So you may have to re-write your formula so you can humiliate me a little more. :D

_________________
Web developer, part-time moderator, full-time CSS wizard.


Top  Profile
 PostPost subject: Re: Extra password box (XP)        Posted: Tue May 26, 2009 12:53 am 
Reply with quote
Donator
Offline

Joined
Sat Feb 24, 2007 4:14 pm

Posts
6612

Location
United Kingdom

Favourite OS
Server 2012 R2
Alpha-Critik wrote:
I just like the extra security. Don't ask why, it's just a trait I have.


If you want 'extra security' then proper drive encryption is surely the way to go. Two passwords are open to the same abuse because they'd use the same system. It also doesn't stop someone accessing your data using different credentials.

Drive Encryption on the other hand would truly protect your data and be much, much harder to crack. Something like Truecrypt would have to be brute forced, and using the higher levels of encryption would make that unfeasable for pretty much everyone.

_________________
BuildFeed - the ultimate collaborative NT build list - Windows Longhorn - a look at a defining Microsoft project


Top  Profile  WWW
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 17 posts ] 




Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Jump to:  

All views expressed in these forums are those of the author and do not necessarily represent the views of the BetaArchive site owner.

Powered by phpBB® Forum Software © phpBB Group

Copyright © 2006-2018

 

Sitemap | XML | RSS