New Windows 7 and 8 Key Makes Password Hints Easy to Crack from afar
A key called "UserPassWordHint" may be the most obviously named methods of attempt to break into machines that run Windows 7 and 8.
Although the password hints are written in hexadecimal notation and padded out with additional zeros between each letter when they're stored on a computer's hard drive, they aren't really encrypted and can be determined fairly easily using a short script.
This all came to light when SpiderLabs vulnerability researcher Jonathan Claudius began poking around to see how the new Windows system behaved.
"I was a little disappointed thinking that the hint was encrypted in some way until I noticed the pattern of zeros," Claudius wrote on the SpiderLabs blog.
Upon determining a pattern, he "wrote a little decoder in Ruby to see if I could learn this user's password hint."
It worked. The results were rendered into plain text, and Claudius had the eight-line script added to the popular open-source hacking toolkit Metasploit's hash-dump tools.
This all seems very disconcerting, until you realize that password hints are just hints.
Although they could be helpful to a hacker, they're not nearly as precious as the passwords themselves which, fortunately, on Windows are truly encrypted and much more difficult to crack.
Anyone with physical access to a PC can access password hints with the click of a mouse, but until now, password hints were much more difficult to obtain by remote intruders.
While they could definitely come in handy to a sophisticated hacker, such an intruder would more likely go straight for the password from the start.
Hints are the territory of jealous boyfriends and prank-pulling siblings who want to snoop through emails or post embarrassing Facebook status updates.