Mechanism design: Difference between revisions
en>F.morett No edit summary |
|||
| Line 1: | Line 1: | ||
{{redirect|Lanman}} | |||
'''LM hash''', '''LanMan''', or '''LAN Manager hash''' is a compromised password [[Cryptographic hash function|hashing function]] that was the primary [[Cryptographic hash function|hash]] that [[Microsoft LAN Manager]] and [[Microsoft Windows]] versions prior to [[Windows NT]] used to store user [[password]]s. Support for the legacy [[LAN Manager]] protocol continued in later versions of Windows for [[backward compatibility]], but was recommended by Microsoft to be turned off by administrators; as of Windows Vista, the protocol is disabled by default, but continues to be used by some non-Microsoft [[Server Message Block|CIFS]] implementations. | |||
== Algorithm == | |||
The LM hash is computed as follows:<ref>{{cite web|url=http://technet.microsoft.com/en-us/library/dd277300.aspx|title=Chapter 3 - Operating System Installation: The LMHash|accessdate=2009-06-21|publisher=[[Microsoft]]}}</ref><ref name="davenport">{{cite web | |||
| url=http://davenport.sourceforge.net/ntlm.html#theLmResponse | |||
| title=The NTLM Authentication Protocol | |||
| accessdate=2006-06-05 | |||
| last=Glass | |||
| first=Eric | |||
| year=2003 | |||
es}}</ref> | |||
# The user's password is restricted to a maximum of fourteen characters.<ref group="Notes">If the password is more than fourteen characters long, the LM hash cannot be computed.</ref> | |||
# The user’s password is converted to [[uppercase]]. | |||
# The user's password is encoded in the System OEM [[Code page]]<ref>{{cite web | |||
| url=http://msdn.microsoft.com/nl-nl/goglobal/cc563921%28en-us%29.aspx | |||
| title=List of Localized MS Operating Systems | |||
| accessdate=2012-12-16 | |||
| publisher=[[Microsoft]]}}</ref> | |||
# This password is null-padded to 14 bytes.<ref name="KB828861">{{cite web|url=http://support.microsoft.com/kb/828861|title=Cluster service account password must be set to fifteen or more characters if the NoLMHash policy is enabled|publisher=[[Microsoft]]|date=2006-10-30|accessdate=2009-06-21}}</ref> | |||
# The “fixed-length” password is split into two seven-byte halves. | |||
# These values are used to create two [[Data Encryption Standard|DES]] keys, one from each 7-byte half, by converting the seven bytes into a bit stream with the most significant bit first, and inserting a null bit after every seven bits (so <code>1010100</code> becomes <code>10101000</code>). This generates the 64 bits needed for a DES key. (A DES key ostensibly consists of 64 bits; however, only 56 of these are actually used by the algorithm. The null bits added in this step are later discarded.) | |||
# Each of the two keys is used to DES-encrypt the constant [[ASCII]] string “<code>KGS!@#$%</code>”,<ref group="Notes">The string “KGS!@#$%” could possibly mean '''K'''ey of '''G'''len and '''S'''teve and then the combination of '''Shift + 12345'''. Glen Zorn and Steve Cobb are the authors of [http://www.ietf.org/rfc/rfc2433.txt RFC 2433] ([[MS-CHAP|Microsoft PPP CHAP Extensions]]).</ref> resulting in two 8-byte ciphertext values. The DES CipherMode should be set to ECB, and PaddingMode should be set to <code>NONE</code>. | |||
# These two ciphertext values are concatenated to form a 16-byte value, which is the LM hash. | |||
== Security weaknesses == | |||
Although it is based on [[Data Encryption Standard|DES]], a well-studied [[block cipher]], the LM hash is not a true [[one-way function]] as the password can be determined from the hash because of several weaknesses in its design:<ref>{{cite web|url=http://download.microsoft.com/download/f/4/a/f4a67fc8-c499-461d-a025-8155fb4f7a0f/Windows%20Passwords%20Master%201.5%20Handout%20-%20Jesper%20Johansson.ppt|title=Windows Passwords: Everything You Need to Know|publisher=[[Microsoft]]|author=Jasper M. Johansson|date=29 June 2004}}</ref> Firstly, passwords are limited to a maximum of only 14 characters, giving a theoretical maximum keyspace of <math>95^{14} \approx 2^{92}</math> with the [[ASCII#ASCII_printable_characters|95 ASCII printable characters]]. | |||
Secondly, passwords longer than 7 characters are divided into two pieces and each piece is hashed separately; this weakness allows each half of the password to be attacked separately at [[Exponential growth|exponentially lower]] cost than the whole, as only <math>95^{7} \approx 2^{46}</math> different 7-character password pieces are possible with the same character set. By mounting a [[brute force attack]] on each half separately, modern desktop machines can crack [[alphanumeric]] LM hashes in a few hours. In addition, all lower case letters in the password are changed to upper case before the password is hashed, which further reduces the [[key space (cryptography)|key space]] for each half to <math>69^{7} \approx 2^{43}</math>. | |||
The LM hash also does not use [[salt (cryptography)|cryptographic salt]], a standard technique to prevent [[pre-computed dictionary attack]]s. A [[time-memory trade-off]] [[cryptanalysis]] attack, such as a [[rainbow table]], is therefore feasible. In addition, any password that is shorter than 8 characters will result in the hashing of 7 null bytes, yielding the constant value of <code>0xAAD3B435B51404EE</code>, hence making it easy to identify short passwords on sight. In 2003, [[Ophcrack]], an implementation of the rainbow table technique, was published. It specifically targets the weaknesses of LM encryption, and includes pre-computed data sufficient to crack virtually all alphanumeric LM hashes in a few seconds. Many cracking tools, e.g. [[RainbowCrack]], [[L0phtCrack]] and [[Cain (software)|Cain]], now incorporate similar attacks and make cracking of LM hashes fast and trivial. | |||
A final weakness of LM hashes lies in their implementation — since they change only when a user changes their password, they can be used to carry out a [[pass the hash]] [[side channel attack]]. | |||
== Workarounds == | |||
To address the security weaknesses inherent in LM encryption and authentication schemes, Microsoft introduced the [[NTLM#NTLMv1|NTLMv1]] protocol in 1993 with [[Windows NT 3.1]]. For hashing, NTLM uses [[Unicode]] support, replacing <code>LMhash=DESeach(DOSCHARSET(UPPERCASE(password)), "KGS!@#$%")</code> by <code>NThash=[[MD4]]([[UTF-16]]-LE(password))</code>, which does not require any padding or truncating that would simplify the key. On the negative side, the same DES algorithm was used with only [[56-bit encryption]] for the subsequent authentication steps, and there is still no salting. Furthermore, Windows machines were for many years configured by default to send and accept responses derived from both the LM hash and the NTLM hash, so the use of the NTLM hash provided no additional security while the weaker hash was still present. It also took time for artificial restrictions on password length in management tools such as User Manager to be lifted. | |||
While LAN Manager is considered obsolete and current Windows operating systems use the stronger NTLMv2 or [[Kerberos (protocol)|Kerberos]] authentication methods, Windows systems before [[Windows Vista]]/[[Windows Server 2008]] enabled the LAN Manager hash by default for [[backward compatibility]] with legacy LAN Manager and [[Windows Me]] or earlier clients, or legacy [[NetBIOS]]-enabled applications. It has for many years been considered good security practice to disable the compromised LM and NTLMv1 authentication protocols where they aren't needed.<ref name="mskb">{{cite web | |||
| url=http://support.microsoft.com/default.aspx?scid=KB;EN-US;q299656& | |||
| title=How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases | |||
| work=Microsoft Knowledge Base | |||
| accessdate=2006-06-05 | |||
es}}</ref> | |||
Starting with Windows Vista and Windows Server 2008, Microsoft disabled the LM hash by default; the feature can be enabled for local accounts via a security policy setting, and for [[Active Directory]] accounts by applying the same setting via domain [[Group Policy]]. The same method can be used to turn the feature off in Windows 2000, Windows XP and NT.<ref>[http://support.microsoft.com/default.aspx?scid=KB;EN-US;q299656& How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases]</ref> Users can also prevent a LM hash from being generated for their own password by using a password at least fifteen characters in length.<ref name="KB828861"/> | |||
==Reasons for continued use== | |||
Many legacy third party [[Server Message Block|CIFS]] implementations have taken considerable time to add support for the stronger protocols that Microsoft has created to replace LM hashing because the [[open source]] communities supporting these libraries first had to [[reverse engineering|reverse engineer]] the newer protocols—[[Samba (software)|Samba]] took 5 years to add NTLMv2 support, while JCIFS took 10 years. | |||
{| class="wikitable" | |||
|- | |||
|+ Availability of NTLM protocols to replace LM authentication | |||
! Product | |||
! NTLMv1 support | |||
! NTLMv2 support | |||
|- | |||
| [[Windows NT 3.1]] | |||
| RTM (1993) | |||
| Not supported | |||
|- | |||
| [[Windows NT 3.5]] | |||
| RTM (1994) | |||
| Not supported | |||
|- | |||
|- | |||
| [[Windows NT 3.51]] | |||
| RTM (1995) | |||
| Not supported | |||
|- | |||
| [[Windows NT 4]] | |||
| RTM (1996) | |||
| Service Pack 4<ref>{{cite web|url=http://support.microsoft.com/kb/194507|title=Windows NT 4.0 Service Pack 4 Readme.txt File (40-bit)|date=1998-10-25|accessdate=2010-05-27|publisher=[[Microsoft]]}}</ref> (25 October 1998) | |||
|- | |||
| [[Windows 95]] | |||
| Not supported | |||
| Directory services client (released with [[Windows 2000]] Server, 17 February 2000) | |||
|- | |||
| [[Windows 98]] | |||
| RTM | |||
| Directory services client (released with [[Windows 2000]] Server, 17 February 2000) | |||
|- | |||
| [[Windows 2000]] | |||
| RTM (17 February 2000) | |||
| RTM (17 February 2000) | |||
|- | |||
| [[Windows ME]] | |||
| RTM (14 September 2000) | |||
| Directory services client (released with [[Windows 2000]] Server, 17 February 2000) | |||
|- | |||
| [[Samba (software)|Samba]] | |||
| ? | |||
| Version 3.0<ref>{{cite web|url=http://www.samba.org/samba/history/samba-3.0.0.html|title=The Samba Team announces the first official release of Samba 3.0|date=2003-09-24|accessdate=2010-05-27|publisher=samba.org}}</ref> (24 September 2003) | |||
|- | |||
| JCIFS | |||
| Not supported | |||
| Version 1.3.0 (25 October 2008)<ref>{{cite web|url=http://jcifs.samba.org/|title=The JCIFS library: News|accessdate=2010-05-27}}</ref> | |||
|- | |||
| [[IBM AIX]] (SMBFS) | |||
| 5.3 (2004)<ref>{{cite web|url=http://publib.boulder.ibm.com/infocenter/pseries/v5r3/topic/com.ibm.aix.commadmn/doc/commadmndita/commadmndita_pdf.pdf|format=pdf|title=AIX 5L Version 5.3: Networks and Communication Management|page=441|publisher=[[IBM]]|date=15 Mar 2010|accessdate=18 Sep 2012}}</ref> | |||
| Not supported as of v7.1<ref>{{cite web|url=http://pic.dhe.ibm.com/infocenter/aix/v7r1/topic/com.ibm.aix.commadmn/doc/commadmndita/commadmndita_pdf.pdf|format=pdf|title=AIX 7.1: Networks and Communication Management|page=479|publisher=[[IBM]]|date=5 Dec 2011|accessdate=18 Sep 2012}}</ref> | |||
|} | |||
Poor patching regimes subsequent to software releases supporting the feature becoming available have contributed to some organisations continuing to use LM Hashing in their environments, even though the protocol is easily disabled in [[Active Directory]] itself. | |||
Lastly, prior to the release of Windows Vista, many unattended build processes still used a [[DOS]] boot disk (instead of [[Windows PE]]) to start the installation of Windows using WINNT.EXE, something that requires LM hashing to be enabled for the legacy [[LAN Manager]] networking stack to work. | |||
== See also == | |||
* [[Password cracking]] | |||
* [[Dictionary attack]] | |||
==Notes== | |||
{{reflist|group=Notes}} | |||
== References == | |||
{{reflist}} | |||
== External links == | |||
<!--===========================({{NoMoreLinks}})===============================--> | |||
<!--| DO NOT ADD MORE LINKS TO THIS ARTICLE. WIKIPEDIA IS NOT A COLLECTION OF |--> | |||
<!--| LINKS. If you think that your link might be useful, do not add it here, |--> | |||
<!--| but put it on this article's discussion page first or submit your link |--> | |||
<!--| to the appropriate category at the Open Directory Project (www.dmoz.org)|--> | |||
<!--| and link back to that category using the {{dmoz}} template. |--> | |||
<!--| |--> | |||
<!--| Links that have not been verified WILL BE DELETED. |--> | |||
<!--| See [[Wikipedia:External links]] and [[Wikipedia:Spam]] for details |--> | |||
<!--===========================({{NoMoreLinks}})===============================-->* | |||
{{Wikibooks|Reverse Engineering/Cracking Windows XP Passwords}} | |||
* [http://lasecwww.epfl.ch/~oechslin/publications/crypto03.pdf Making a Faster Cryptanalytic Time-Memory Trade-Off, Philippe Oechslin, Advances in Cryptology - CRYPTO 2003] | |||
* [http://ophcrack.sourceforge.net/ Ophcrack, the time-memory-trade-off-cracker] | |||
* [http://www.oxid.it/ Cain and Abel] | |||
* [http://dl.packetstormsecurity.net/Crackers/NT/l0phtcrack/l0phtcrack.rant.nt.passwd.txt A L0phtCrack Technical Rant from Mudge considering LM Hash implementation] | |||
{{Cryptography navbox | hash}} | |||
[[Category:Password authentication]] | |||
[[Category:Broken hash functions]] | |||
[[Category:Microsoft Windows security technology]] | |||
[[Category:Computer access control protocols]] | |||
Revision as of 14:59, 16 January 2014
Name: Jodi Junker
My age: 32
Country: Netherlands
Home town: Oudkarspel
Post code: 1724 Xg
Street: Waterlelie 22
my page - www.hostgator1centcoupon.info
LM hash, LanMan, or LAN Manager hash is a compromised password hashing function that was the primary hash that Microsoft LAN Manager and Microsoft Windows versions prior to Windows NT used to store user passwords. Support for the legacy LAN Manager protocol continued in later versions of Windows for backward compatibility, but was recommended by Microsoft to be turned off by administrators; as of Windows Vista, the protocol is disabled by default, but continues to be used by some non-Microsoft CIFS implementations.
Algorithm
The LM hash is computed as follows:[1][2]
- The user's password is restricted to a maximum of fourteen characters.[Notes 1]
- The user’s password is converted to uppercase.
- The user's password is encoded in the System OEM Code page[3]
- This password is null-padded to 14 bytes.[4]
- The “fixed-length” password is split into two seven-byte halves.
- These values are used to create two DES keys, one from each 7-byte half, by converting the seven bytes into a bit stream with the most significant bit first, and inserting a null bit after every seven bits (so
1010100becomes10101000). This generates the 64 bits needed for a DES key. (A DES key ostensibly consists of 64 bits; however, only 56 of these are actually used by the algorithm. The null bits added in this step are later discarded.) - Each of the two keys is used to DES-encrypt the constant ASCII string “
KGS!@#$%”,[Notes 2] resulting in two 8-byte ciphertext values. The DES CipherMode should be set to ECB, and PaddingMode should be set toNONE. - These two ciphertext values are concatenated to form a 16-byte value, which is the LM hash.
Security weaknesses
Although it is based on DES, a well-studied block cipher, the LM hash is not a true one-way function as the password can be determined from the hash because of several weaknesses in its design:[5] Firstly, passwords are limited to a maximum of only 14 characters, giving a theoretical maximum keyspace of with the 95 ASCII printable characters.
Secondly, passwords longer than 7 characters are divided into two pieces and each piece is hashed separately; this weakness allows each half of the password to be attacked separately at exponentially lower cost than the whole, as only different 7-character password pieces are possible with the same character set. By mounting a brute force attack on each half separately, modern desktop machines can crack alphanumeric LM hashes in a few hours. In addition, all lower case letters in the password are changed to upper case before the password is hashed, which further reduces the key space for each half to .
The LM hash also does not use cryptographic salt, a standard technique to prevent pre-computed dictionary attacks. A time-memory trade-off cryptanalysis attack, such as a rainbow table, is therefore feasible. In addition, any password that is shorter than 8 characters will result in the hashing of 7 null bytes, yielding the constant value of 0xAAD3B435B51404EE, hence making it easy to identify short passwords on sight. In 2003, Ophcrack, an implementation of the rainbow table technique, was published. It specifically targets the weaknesses of LM encryption, and includes pre-computed data sufficient to crack virtually all alphanumeric LM hashes in a few seconds. Many cracking tools, e.g. RainbowCrack, L0phtCrack and Cain, now incorporate similar attacks and make cracking of LM hashes fast and trivial.
A final weakness of LM hashes lies in their implementation — since they change only when a user changes their password, they can be used to carry out a pass the hash side channel attack.
Workarounds
To address the security weaknesses inherent in LM encryption and authentication schemes, Microsoft introduced the NTLMv1 protocol in 1993 with Windows NT 3.1. For hashing, NTLM uses Unicode support, replacing LMhash=DESeach(DOSCHARSET(UPPERCASE(password)), "KGS!@#$%") by NThash=MD4(UTF-16-LE(password)), which does not require any padding or truncating that would simplify the key. On the negative side, the same DES algorithm was used with only 56-bit encryption for the subsequent authentication steps, and there is still no salting. Furthermore, Windows machines were for many years configured by default to send and accept responses derived from both the LM hash and the NTLM hash, so the use of the NTLM hash provided no additional security while the weaker hash was still present. It also took time for artificial restrictions on password length in management tools such as User Manager to be lifted.
While LAN Manager is considered obsolete and current Windows operating systems use the stronger NTLMv2 or Kerberos authentication methods, Windows systems before Windows Vista/Windows Server 2008 enabled the LAN Manager hash by default for backward compatibility with legacy LAN Manager and Windows Me or earlier clients, or legacy NetBIOS-enabled applications. It has for many years been considered good security practice to disable the compromised LM and NTLMv1 authentication protocols where they aren't needed.[6] Starting with Windows Vista and Windows Server 2008, Microsoft disabled the LM hash by default; the feature can be enabled for local accounts via a security policy setting, and for Active Directory accounts by applying the same setting via domain Group Policy. The same method can be used to turn the feature off in Windows 2000, Windows XP and NT.[7] Users can also prevent a LM hash from being generated for their own password by using a password at least fifteen characters in length.[4]
Reasons for continued use
Many legacy third party CIFS implementations have taken considerable time to add support for the stronger protocols that Microsoft has created to replace LM hashing because the open source communities supporting these libraries first had to reverse engineer the newer protocols—Samba took 5 years to add NTLMv2 support, while JCIFS took 10 years.
| Product | NTLMv1 support | NTLMv2 support |
|---|---|---|
| Windows NT 3.1 | RTM (1993) | Not supported |
| Windows NT 3.5 | RTM (1994) | Not supported |
| Windows NT 3.51 | RTM (1995) | Not supported |
| Windows NT 4 | RTM (1996) | Service Pack 4[8] (25 October 1998) |
| Windows 95 | Not supported | Directory services client (released with Windows 2000 Server, 17 February 2000) |
| Windows 98 | RTM | Directory services client (released with Windows 2000 Server, 17 February 2000) |
| Windows 2000 | RTM (17 February 2000) | RTM (17 February 2000) |
| Windows ME | RTM (14 September 2000) | Directory services client (released with Windows 2000 Server, 17 February 2000) |
| Samba | ? | Version 3.0[9] (24 September 2003) |
| JCIFS | Not supported | Version 1.3.0 (25 October 2008)[10] |
| IBM AIX (SMBFS) | 5.3 (2004)[11] | Not supported as of v7.1[12] |
Poor patching regimes subsequent to software releases supporting the feature becoming available have contributed to some organisations continuing to use LM Hashing in their environments, even though the protocol is easily disabled in Active Directory itself.
Lastly, prior to the release of Windows Vista, many unattended build processes still used a DOS boot disk (instead of Windows PE) to start the installation of Windows using WINNT.EXE, something that requires LM hashing to be enabled for the legacy LAN Manager networking stack to work.
See also
Notes
43 year old Petroleum Engineer Harry from Deep River, usually spends time with hobbies and interests like renting movies, property developers in singapore new condominium and vehicle racing. Constantly enjoys going to destinations like Camino Real de Tierra Adentro.
References
43 year old Petroleum Engineer Harry from Deep River, usually spends time with hobbies and interests like renting movies, property developers in singapore new condominium and vehicle racing. Constantly enjoys going to destinations like Camino Real de Tierra Adentro.
External links
DTZ's auction group in Singapore auctions all types of residential, workplace and retail properties, retailers, homes, accommodations, boarding houses, industrial buildings and development websites. Auctions are at the moment held as soon as a month.
Whitehaven @ Pasir Panjang – A boutique improvement nicely nestled peacefully in serene Pasir Panjang personal estate presenting a hundred and twenty rare freehold private apartments tastefully designed by the famend Ong & Ong Architect. Only a short drive away from Science Park and NUS Campus, Jade Residences, a recent Freehold condominium which offers high quality lifestyle with wonderful facilities and conveniences proper at its door steps. Its fashionable linear architectural fashion promotes peace and tranquility living nestled within the D19 personal housing enclave. Rising workplace sector leads real estate market efficiency, while prime retail and enterprise park segments moderate and residential sector continues in decline International Market Perspectives - 1st Quarter 2014
There are a lot of websites out there stating to be one of the best seek for propertycondominiumhouse, and likewise some ways to discover a low cost propertycondominiumhouse. Owning a propertycondominiumhouse in Singapore is the dream of virtually all individuals in Singapore, It is likely one of the large choice we make in a lifetime. Even if you happen to're new to Property listing singapore funding, we are right here that will help you in making the best resolution to purchase a propertycondominiumhouse at the least expensive value.
Jun 18 ROCHESTER in MIXED USE IMPROVEMENT $1338000 / 1br - 861ft² - (THE ROCHESTER CLOSE TO NORTH BUONA VISTA RD) pic real property - by broker Jun 18 MIXED USE IMPROVEMENT @ ROCHESTER @ ROCHESTER PK $1880000 / 1br - 1281ft² - (ROCHESTER CLOSE TO NORTH BUONA VISTA) pic real estate - by broker Tue 17 Jun Jun 17 Sunny Artwork Deco Gem Near Seashore-Super Deal!!! $103600 / 2br - 980ft² - (Ventnor) pic actual estate - by owner Jun 17 Freehold semi-d for rent (Jalan Rebana ) $7000000 / 5909ft² - (Jalan Rebana ) actual property - by dealer Jun sixteen Ascent @ 456 in D12 (456 Balestier Highway,Singapore) pic real property - by proprietor Jun 16 RETAIL SHOP AT SIM LIM SQUARE FOR SALE, IT MALL, ROCHOR, BUGIS MRT $2000000 / 506ft² - (ROCHOR, BUGIS MRT) pic real estate - by dealer HDB Scheme Any DBSS BTO
In case you are eligible to purchase landed houses (open solely to Singapore residents) it is without doubt one of the best property investment choices. Landed housing varieties solely a small fraction of available residential property in Singapore, due to shortage of land right here. In the long term it should hold its worth and appreciate as the supply is small. In truth, landed housing costs have risen the most, having doubled within the last eight years or so. However he got here back the following day with two suitcases full of money. Typically we've got to clarify to such folks that there are rules and paperwork in Singapore and you can't just buy a home like that,' she said. For conveyancing matters there shall be a recommendedLondon Regulation agency familiar with Singapore London propertyinvestors to symbolize you
Sales transaction volumes have been expected to hit four,000 units for 2012, close to the mixed EC gross sales volume in 2010 and 2011, in accordance with Savills Singapore. Nevertheless the last quarter was weak. In Q4 2012, sales transactions were 22.8% down q-q to 7,931 units, in line with the URA. The quarterly sales discount was felt throughout the board. When the sale just starts, I am not in a hurry to buy. It's completely different from a private sale open for privileged clients for one day solely. Orchard / Holland (D09-10) House For Sale The Tembusu is a singular large freehold land outdoors the central area. Designed by multiple award-profitable architects Arc Studio Architecture + Urbanism, the event is targeted for launch in mid 2013. Post your Property Condos Close to MRT
- Making a Faster Cryptanalytic Time-Memory Trade-Off, Philippe Oechslin, Advances in Cryptology - CRYPTO 2003
- Ophcrack, the time-memory-trade-off-cracker
- Cain and Abel
- A L0phtCrack Technical Rant from Mudge considering LM Hash implementation
- ↑ Template:Cite web
- ↑ Template:Cite web
- ↑ Template:Cite web
- ↑ 4.0 4.1 Template:Cite web
- ↑ Template:Cite web
- ↑ Template:Cite web
- ↑ How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases
- ↑ Template:Cite web
- ↑ Template:Cite web
- ↑ Template:Cite web
- ↑ Template:Cite web
- ↑ Template:Cite web
Cite error: <ref> tags exist for a group named "Notes", but no corresponding <references group="Notes"/> tag was found