Need to recover (encrypted) files from XP install on another hard drive

[kony]

Not for NT login passwords.

What makes you think that is different?

Are you only considering some extremely fixed scenario where
someone "MUST" be forced to only sit at a login prompt to do
it?

There's plenty of hits Google finds for "NT Login password
cracking", over 1 million.

 

[Mxsmanic]

What makes you think that is different?

NT login passwords are hashed with a message digest algorithm, which
is irreversible. The only way to recover a login password is by
repeated guessing, i.e., a dictionary attack or a brute-force attack.

Are you only considering some extremely fixed scenario where
someone "MUST" be forced to only sit at a login prompt to do
it?
No.

There's plenty of hits Google finds for "NT Login password
cracking", over 1 million.

There are plenty of Google hits for UFO abductions, too, but that
doesn't mean that they occur.

 

[kony]

NT login passwords are hashed with a message digest algorithm, which
is irreversible. The only way to recover a login password is by
repeated guessing, i.e., a dictionary attack or a brute-force attack.

Nope.

Define what you mean though, all "NT passwords" are not the
same protection level.

Ever heard of L0phtCrack? It'll do NT4 and sometimes NT5
(if NTLM hash use is retained for backwards compatibility).

Even if we ignore this, what you call "guessing" at it, is
in fact cracking it, particularly when done in an automated
fashion. If you don't like the word "cracking" for this
use, that's a bit beside the fact that the entire industry
has settled on it- so find another word you like better and
then convince the entire industry to switch to using that
word instead of "cracking", else "cracking" is the proper
term.

No.

Then your distinction between "guessing" and "cracking" is
pointless. ANYTHING that is yet to be solved, initiates
with guesses about the strategy to use, later confirmed by
evidence. With this case, it's just a short leap from the
former to the latter when the password is accepted.

There are plenty of Google hits for UFO abductions, too, but that
doesn't mean that they occur.

Nor does it mean they don't occur, but in this case, people
have in fact cracked passwords, there is no denying it.

 

[Mxsmanic]

Nope.
Yup.

Ever heard of L0phtCrack? It'll do NT4 and sometimes NT5
(if NTLM hash use is retained for backwards compatibility).

It's guessing, just like all other "cracking" software.

Even if we ignore this, what you call "guessing" at it, is
in fact cracking it, particularly when done in an automated
fashion. If you don't like the word "cracking" for this
use, that's a bit beside the fact that the entire industry
has settled on it- so find another word you like better and
then convince the entire industry to switch to using that
word instead of "cracking", else "cracking" is the proper
term.

Cracking implies a successful algorithm for finding a plaintext
password that hashes to a specific digest. That doesn't exist for NT
login passwords.

Nor does it mean they don't occur, but in this case, people
have in fact cracked passwords, there is no denying it.

Sure, by guessing poorly-chosen passwords. The worse the password,
the easier it is to guess.

 

[kony]

It's guessing, just like all other "cracking" software.

I see you're still hung up on the word "guess".
Nope, it's not guessing to methodically go through a
sequence. Guessing is like a one-shot game for kids.
Cracking is an industry standard and accepted term,
regardless of whether you agree. Now maybe cracking is for
kids, and not so industry accepted in practice, it's still
the applicable term.

Cracking implies a successful algorithm for finding a plaintext
password that hashes to a specific digest.

Bullshit.

No cracker is going to wait for your directive on what
they're doing.

That doesn't exist for NT
login passwords.

Your concept of what it is, doesn't exist for most cracking
either, once we get beyond passwords.

Sure, by guessing poorly-chosen passwords. The worse the password,
the easier it is to guess.

I invite you to compare websites specifically mentioning the
scenario we're discussing here and compare how many use the
word "guessing" versus the word "cracking". Wanna bet which
word shows up an order of magnitude (if not 50) more often?