S
stevenm
does anybody know if it's possible to retrieve a user's AD password via
a c# app?
tks
a c# app?
tks
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
P
Paul Williams [MVP]
No, it is not possible to retrieve a users password using any method. The
only way you can get it is to perform a brute-force, offline hack where you
compare the hashes. It would be a huge security hole to read a password.
Why would you ever want to do such a thing?
only way you can get it is to perform a brute-force, offline hack where you
compare the hashes. It would be a huge security hole to read a password.
Why would you ever want to do such a thing?
H
Herb Martin
Paul Williams said:No, it is not possible to retrieve a users password using any method. The
only way you can get it is to perform a brute-force, offline hack where
you compare the hashes. It would be a huge security hole to read a
password. Why would you ever want to do such a thing?
Agreed (including the final question).
Even the DCs don't usually "know" the passwords.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
R
Richard Mueller [MVP]
As I understand, the password is not saved in AD, only the hash. A one-way
function is used to create the hash.
--
Richard
Microsoft MVP Scripting and ADSI
Hilltop Lab web site - http://www.rlmueller.net
--
function is used to create the hash.
--
Richard
Microsoft MVP Scripting and ADSI
Hilltop Lab web site - http://www.rlmueller.net
--
Herb Martin said:Paul Williams said:No, it is not possible to retrieve a users password using any method. The
only way you can get it is to perform a brute-force, offline hack where
you compare the hashes. It would be a huge security hole to read a
password. Why would you ever want to do such a thing?
Agreed (including the final question).
Even the DCs don't usually "know" the passwords.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
H
Herb Martin
Richard Mueller said:As I understand, the password is not saved in AD, only the hash. A one-way
function is used to create the hash.
That is the default.
Why would you WANT the password? What
legitimate application do you have in mind?
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
--
Richard
Microsoft MVP Scripting and ADSI
Hilltop Lab web site - http://www.rlmueller.net
--
Herb Martin said:Paul Williams said:No, it is not possible to retrieve a users password using any method. The
only way you can get it is to perform a brute-force, offline hack where
you compare the hashes. It would be a huge security hole to read a
password. Why would you ever want to do such a thing?
Agreed (including the final question).
Even the DCs don't usually "know" the passwords.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]