A little correction: any program that runs as an administrator has access to your security questions. Anyone having administrator token privileges can enable SeBackupPrivilege and yoink your security questions too. You don't even need LocalSystem rights to access SAM, well, anywhere besides the Windows Registry Editor.
Recently a family member needed help getting into their PC but they forgot their password. So I booted into a windows installation USB loaded the hive for SAM, and found the security questions. Come on Microsoft.
Microsoft: “We value your privacy” Also Microsoft: “Not only is forcing windows recall (aka spyware) on us, but also stores Security Questions in plain text”
Two more things that would be interesting to try: * What happens if there are _less_ than 3 questions in the list? Normally Windows never lets you select less, but can you do 2, 1, or even 0 questions? * What if you use crazy UTF-16 text for the _answers_? Obviously it'll be impossible to type, but can the validation algorithm handle that correctly?
Microsoft Edge's password manager also stores all its passwords in plaintext (well, not really, they are encrpyted but with a key that's in the same directory as the database... whoops).
@@tmc249TLDR: yes, always has been, google denied it as a security issue but recently added an option to encrypt them with a master password. Not sure if edge already has this or not, it's usually a few versions behind.
@@starleaf-lunathe key is encrypted with your windows user's password. So an offline disk dump is useless if you don't know the password. (In theory at least, like enderman said, windows password hashes are a joke)
@@tmc249 That's why you should never save any password in any browser, even if its Brave or Librewolf or whatever. The best password manager is your own head. :D
i feel like bad actors could use this to get personal information like what your real name is also what happens if you set only 2 questions or a question that has no question prompt but an answer
So thats another reason to skip adding a password during oobe and setting it afterwards, I never liked security questions. I wish there was also an option to disable the password hint, but you can write random gibberish to that at least.
That's why I on OOBE I make account without password, and add that then, on desktop. But I'm considering use cmd/powershell instead of Settings app, so I can skip creating password hint as well. Another dumb thing: forcing you to create less secure PIN when you add your fingerprint. Thank Microsoft I can include letters and symbols to PIN, effectively turning that into a password.
The problem is that most software can't be installed without admin. Linux solves that problem using package archives (.deb, .rpm) and trusted package repositories
Its even worse. If you're using EFS (Encrypting file system), and have security questions enabled, the questions can decrypt the EFS private key, and gain access to encrypted files. This renders EFS completely useless. All an attacker needs to do, is extract the security question answers from registry, and ask windows to reset the password (in winlogon), and boom, suddenly they gain access to "encrypted" files. (btw, I tried this in a Windows 10 VM 21h1 but it might still work on newer versions).
Isn't this why Microsoft recommends you use a Microsoft account? You officially aren't really supposed to be able to make a local account on Windows 11 Home anyway... Wouldn't be surprised to see server and pro editions following suit. Not saying this isn't bad though, honestly shocking how they don't encrypt this
They HAD option to make local account on Windows 10. And they ALSO required to make security questions. And they, most likely, also stored in plain text.
The reason why you couldn't see it at 3:45 is cause once you leave the textbox,it hides the eye button.if you want it back,you gotta remove the ENTIRE password and type it again. leaving even 1 character wont show it.
I haven't fooled around with security questions to know for sure. But maybe it's stored in plain text in order to be able to compare between the expected and given answer to pass even with small differences like punctuation?
you can also use a windows installer to gain access to trustedinstaller perms, so assuming the computer can boot into the installer, you can take whatever from wherever you want
So I don't think this is as big a deal as you might think. One scenario is where you have a local admin account on the system (which you need to access SAM anyway). In this case, you can just reset a user's password directly and take control of their account. Security questions don't matter here. Another scenario is where you don't have access and try to guess the security question answers. In this case you can't see the values in the registry so it doesn't matter how they are stored. If you can get access that is a separate problem and how they are stored doesn't matter. Last scenario is if you pull the hard drive or boot from an alternate OS from a CD or USB stick. In this case if the hard drive is unencrypted you can definitely get access which is a problem. Of course you also have access to all the user's data anyway that they haven't encrypted so that is a concern as well. BUT if they've used Bitlocker then you still can't view the security questions since they are encrypted with the rest of the drive, unless I'm mistaken about that. AFAIK Bitlocker should be enabled by default on new Windows installs now. Should the security answers be better protected? Definitely. Only other thing I have to say is there could be some dumb reason they can't (such as allowing partial string matches).
You are mistaken. The security questions are unencrypted and can be used to decrypt the encryption key and because they are stored in plaintext, the encryption is useless.
SAM is protected by System permission. If a hacker already has System might as well not have any passwords at all because you're already pwned regardless. As to why experts recommend not using security questions, its because it's easier tu guess especially if you know that person. But you can just write gibberish as the answers. And psst hey here's a secret..You can disable security questions in group policy.
@@jajoothecoolman hardcoding is when something important like the main function is set in stone in the code instead of being something you input. here enderman made the replacement q/a part of the code itself, meaning of this was compiled to a .exe it could only make one set of questions
Maybe MS decided to keep them unencrypted so they could do some level of fuzzy matching? Like if you typed "Tokyo" in OOBE but tried to reset with "tokyo". Or removing extra whitespace from answers or something like that
AIs in code editors are so funny when you do strings, sometimes i get random things like "you will be rewarded with a free robux" or "THERE IS NO ESCAPE THERE IS NO ESCAPE THERE IS NO ESCAPE THERE IS NO ESCAPE THERE IS N" Aside from that, this remembers me of chromium storing password in plain text
I know English is already the language of the world and most Slavs including Russians are often fluent in it, but it makes me wonder if Interslavic will ever be a popular language.
You can only skip these questions if you use command prompt to create the user account (or I think you can also use computer management in Pro editions) and then delete the previous one which has the security questions Edit: or you can just leave the password empty during the OOBE ;)
just setup the oobe like normal but in the password field don’t field anything just press to skip the password field because on windows you can go to control panel and create a password it will not ask for security questions
I mean, I'm not sure this is a security hole. You need to be an administrator to perform this. You can already change anyone's password if you're an administrator. The only problem with not hashing the answers is that an administrator can read them - and your answers should probably not contain sensitive information. So while they don't increase security, I'm not sure that they decrease it at all.
@@MuhammadDaniyal-wk3hp Nonsense. If you lose your password just reset it. All you need is any usb drive with windows on it. You don't need security questions.
Honestly, I think this means the only reasonable answer to a security question is the entire song text of "never gonna give you up" (or as much that fits). That way, if someone hacks you, at least you Rickroll them.
4:37 how did you get it to just be toggles? I've seen that UI before but always thought it was just early W10. It looks so much easier to decline than clicking No then Next over and over. Is it a GDPR thing where they can't have it pre-ckecked so have it as options instead?
Even if they were encrypted, these security questions aren't secure at all. There is a long list of people who would know or easily find/guess all of these, including but not limited to: My cousins, my parents and most of their friends, my own friends, my grandparents, my uncles and aunts. I don't want any of them to have unrestricted access to my computer.
These experiments are always great lol, just like bashing MS outright. They really seem to be a security vulnerability in themselves, but oh well. Anyway, hope you have fun with your other projects as well
jokes on windows back when it tried to make me use security questions i skipped making a password and made a password/passcode instead through control panel so it wouldnt give me the option to use security questions
For me though, I don't have any security questions. When I set up my current PC, I already had a Microsoft Account. It appears that having a Microsoft Account allows you to get a recovery code via email or phone, instead of having to mess with security questions.
You can always use a Nokia 6303i Classic and watch your videos by encoding them in H264, making them 240x320 and 10fps at 3gp format. Trust me it is more fascinating than you think.
I didn't test it because I always set my password in a way which bypasses the security question screen, but I assume they store it in plain text to make the matching case insensitive, also allow double space or whatever... Not that I would call that a good idea and say that there aren't other ways to do that like e.g., Facebook handles the password validation (checks with a few iterations)
If you've got admin access to the system and wanted to change the password you could. You don't need to security questions to do that as you have system or admin powers. Seems kind of redundant to probe security question answers with a process that accesses the registry with admin privileges. Should they store as plain text? Probably not... but would someone use this vector of attack when they already have access enough to do what they want? Not likely. Probably easier to scrape their system for browser sessions or something else.
honestly these security questions are insanely stupid, like you can't even ask yourself a question that only you would know the answer to, you only get 5 or 6 very specific questions that make you have to make up stuff heck, even if they just stored a hash or there were procedurally generated salts, people could figure out what hashing salts were used and then they could just brute force through a list of names or cities, so they gotta do better than that
someone at microsoft got lazy does it really matter when NTLM is already easy to crack? this also requires file/registry access. if someone has that level of access, I think there are more important things to worry about than the answers to the questions
Tbh windows 10 is more usable, it's more accessible, easier to use and to understand, don't force things upon you (security questions), is less annoying to use and it still runs fast, but tbh if you're that skilled to code a program like that and to know that E39 or whatever that was is id user 1001 then you're not even in need in using these questions to decrypt password cause you can do some stuff to set that force password reset to 1 and boom!
Remember guys, password in the system without any encryption is the password to prevent your toddler accessing the PC or to prevent your random classmates from googling black-orange UA-cam when you don’t look at the laptop
A little correction: any program that runs as an administrator has access to your security questions.
Anyone having administrator token privileges can enable SeBackupPrivilege and yoink your security questions too. You don't even need LocalSystem rights to access SAM, well, anywhere besides the Windows Registry Editor.
Recently a family member needed help getting into their PC but they forgot their password. So I booted into a windows installation USB loaded the hive for SAM, and found the security questions. Come on Microsoft.
4:48
Windows: Hi😭
Enderman: Bye🤣
The trick is you just press CTRL + ALT + DEL while you're on that screen and you sign back in :p much faster
i do this every single time
That got me 🤣
@@Dschoghurt This is a spam...
Thats great. Microsoft even forces you to select security questions
For real, i avoided it because it's unnecessary to even have at first place.
shocking
So annoying to have to sign up with no password and when you're in create one just to not make those.
Mine are A, A, and A, so now people can hack me 😱 wait.. they need physical access… my password already sucks! I don’t need to worry
Torille!
i really like these casual less-edited videos where you just explain as you go its more natural i feel
likewise!
yeah , really enjoyed it
I agree! I prefer to hear someone explaining than to just read subtitles.
Also helps that there isnt as much earrape music in this type of his videos
Same here, I really enjoyed it
Not even my gibberish keyboard mash security questions are safe! Thanks, Microsoft.
💀
Lol
"What is your dog's name?"
"Wuuswh
@@Mizu2023 Your comment is amazing
@@Mizu2023”My dog name is “
Microsoft: “We value your privacy”
Also Microsoft: “Not only is forcing windows recall (aka spyware) on us, but also stores Security Questions in plain text”
@@maddox5081 didn't they change it to be off my default lol
@@H3llfire320It still stands that they've baked it directly into Explorer - they certainly want to force it to be always on later.
@@H3llfire320 Yeah but they’re trying to make it mandatory now saying it was just a “bug” that you could disable it
Two more things that would be interesting to try:
* What happens if there are _less_ than 3 questions in the list? Normally Windows never lets you select less, but can you do 2, 1, or even 0 questions?
* What if you use crazy UTF-16 text for the _answers_? Obviously it'll be impossible to type, but can the validation algorithm handle that correctly?
I think you can enter most things by using the Alt Gr key and some number combination ;)..
"security and privacy? whats that?" - michaelsoff
true :3
@@jajoothecoolman hi god :3
michaelhard
michaelsoft binbows
@@jajoothecoolman red ball 9
Microsoft Edge's password manager also stores all its passwords in plaintext (well, not really, they are encrpyted but with a key that's in the same directory as the database... whoops).
id be curious if its just edge or every chromium browser as well
if it's encrypted, but the key is stored in the same database, why even bother encrypting it?
@@tmc249TLDR: yes, always has been, google denied it as a security issue but recently added an option to encrypt them with a master password. Not sure if edge already has this or not, it's usually a few versions behind.
@@starleaf-lunathe key is encrypted with your windows user's password. So an offline disk dump is useless if you don't know the password. (In theory at least, like enderman said, windows password hashes are a joke)
@@tmc249 That's why you should never save any password in any browser, even if its Brave or Librewolf or whatever. The best password manager is your own head. :D
4:25 andrew and ashley is not a good idea
rolling in my coffin rn
Beat me to it
i love cargo containers
@@artyoshka What's for soup?
don't get it
I remember years ago I just opened regedit using utilman on the lock screen and found all the security questions inside the sam folder in there lol
Bruh
Ok haiden
@@𰻝eat glass
11:44 bro got rickrolled by a code editor ☠️☠️☠️
we do some light trollege
rickroll in big 24 💔
i feel like bad actors could use this to get personal information like what your real name is
also what happens if you set only 2 questions or a question that has no question prompt but an answer
So thats another reason to skip adding a password during oobe and setting it afterwards, I never liked security questions.
I wish there was also an option to disable the password hint, but you can write random gibberish to that at least.
@@ezequieldom641 Did youtube make oobe a clickable search automatically or did you make it? If the latter, how?
when the hell did UA-cam add a search feature to comments? the word “oobe” was blue and had a search icon
@@kab43 finally UA-cam adding something that sounds useful
@@ezequieldom641 it’s a youtube search, not a google search. so close yet so far
@@ezequieldom641 I just type space as the password hint, it works
That's why I on OOBE I make account without password, and add that then, on desktop.
But I'm considering use cmd/powershell instead of Settings app, so I can skip creating password hint as well.
Another dumb thing: forcing you to create less secure PIN when you add your fingerprint. Thank Microsoft I can include letters and symbols to PIN, effectively turning that into a password.
if you change/set you password on the security options screen (ctrl+alt+del) you don't have to put in an password hint
just put no password then instantly shift f10 and do net user "user" "password" and thats it@@msedgeundwinfan
@@msedgeundwinfan That too
@@tapafon_red The PIN is just as secure if not more secure because it can not be phished and/or bruteforced as easily
"only one of them are real, the rest are virtual"
Me who knows that you're using a virtual machine and that ALL of them are virtual:
I swear 90% of security issues in Windows can be solved by running your main account as a limited user and only elevating permissions when needed.
@@rdqsr That sounds kind of familiar...
The problem is that most software can't be installed without admin. Linux solves that problem using package archives (.deb, .rpm) and trusted package repositories
6:37 elevate to trusted######### ?
@@DraidK yeah he almost got banned for making videos with trustedinstaller
why hashtag
Its even worse. If you're using EFS (Encrypting file system), and have security questions enabled, the questions can decrypt the EFS private key, and gain access to encrypted files. This renders EFS completely useless. All an attacker needs to do, is extract the security question answers from registry, and ask windows to reset the password (in winlogon), and boom, suddenly they gain access to "encrypted" files. (btw, I tried this in a Windows 10 VM 21h1 but it might still work on newer versions).
Isn't the registry encrypted too?
@@someoneunknown6894 No. No it is not.
@@SpookerII Why not?
My POV is of a Linux user, and as far as I know, full disk encryption encrypts *everything* possible
0:10 streeeeeeeeeeeeeeeeeeeech lol
Screw the error-filled computer just this once. Embrace Cat.
Isn't this why Microsoft recommends you use a Microsoft account? You officially aren't really supposed to be able to make a local account on Windows 11 Home anyway... Wouldn't be surprised to see server and pro editions following suit.
Not saying this isn't bad though, honestly shocking how they don't encrypt this
you can make a local account just you have to do extra stuff to do it
@@SOTP. Exactly my point, it is a chore to create one - it isn't the intended method of account creation for a new user.
@@MegaBytesMe yeah
They HAD option to make local account on Windows 10. And they ALSO required to make security questions.
And they, most likely, also stored in plain text.
insecurity questions
Well said
The reason why you couldn't see it at 3:45 is cause once you leave the textbox,it hides the eye button.if you want it back,you gotta remove the ENTIRE password and type it again. leaving even 1 character wont show it.
Microsoft : We do things for your privacy. We care about it.
Also microsoft : Does not fixes RTLO attacks and hidden file extension attacks
loved the THERE IS NO ESCAPE tidbit, wow that took me back
THERE IS NO ESCAPE
Lol the obvious NoEscape reference was so funny to me
I haven't fooled around with security questions to know for sure. But maybe it's stored in plain text in order to be able to compare between the expected and given answer to pass even with small differences like punctuation?
you can also use a windows installer to gain access to trustedinstaller perms, so assuming the computer can boot into the installer, you can take whatever from wherever you want
Supposed to be researching on IoT but I'm gonna stay here
Same level of security
similar level of security
DUDE WHAT I WATCH YOUR VIDEOS NO WAY @@xpower7125
Same level of security. Hence probably a Majority connects to microsofts azure cloud servers or chinese tuya servers
0:35 ngl i would be just as annoyed if i dropped my ice cream
So I don't think this is as big a deal as you might think.
One scenario is where you have a local admin account on the system (which you need to access SAM anyway). In this case, you can just reset a user's password directly and take control of their account. Security questions don't matter here.
Another scenario is where you don't have access and try to guess the security question answers. In this case you can't see the values in the registry so it doesn't matter how they are stored. If you can get access that is a separate problem and how they are stored doesn't matter.
Last scenario is if you pull the hard drive or boot from an alternate OS from a CD or USB stick. In this case if the hard drive is unencrypted you can definitely get access which is a problem. Of course you also have access to all the user's data anyway that they haven't encrypted so that is a concern as well. BUT if they've used Bitlocker then you still can't view the security questions since they are encrypted with the rest of the drive, unless I'm mistaken about that. AFAIK Bitlocker should be enabled by default on new Windows installs now.
Should the security answers be better protected? Definitely. Only other thing I have to say is there could be some dumb reason they can't (such as allowing partial string matches).
Exactly what I was thinking the whole video
Like it's not accessible, and when it is, everything is accessible
You are mistaken. The security questions are unencrypted and can be used to decrypt the encryption key and because they are stored in plaintext, the encryption is useless.
I always hated them. I was thinking that why does M$ want to know these private details about me. Anyways, is there way not to enter them at all?
dont set it at oobe and set it after you go to desktop, it doesnt ask as ik
@@HAKANKOKCU Last time I installed it in VM it did not give me any option not to set it.
@@test-rj2vlwhen it asks for the password leave it blank
getting rickrolled by Copilot is WILD
Bro just hack windows in couple of minutes pov me:Trying to guess security questions in 10 hours
*TRYNA
SAM is protected by System permission. If a hacker already has System might as well not have any passwords at all because you're already pwned regardless. As to why experts recommend not using security questions, its because it's easier tu guess especially if you know that person. But you can just write gibberish as the answers. And psst hey here's a secret..You can disable security questions in group policy.
11:45 ain't no way you didn't hardcode that🤣
?
@@jajoothecoolman hardcoding is when something important like the main function is set in stone in the code instead of being something you input.
here enderman made the replacement q/a part of the code itself, meaning of this was compiled to a .exe it could only make one set of questions
Maybe MS decided to keep them unencrypted so they could do some level of fuzzy matching? Like if you typed "Tokyo" in OOBE but tried to reset with "tokyo". Or removing extra whitespace from answers or something like that
AIs in code editors are so funny when you do strings, sometimes i get random things like "you will be rewarded with a free robux" or "THERE IS NO ESCAPE
THERE IS NO ESCAPE
THERE IS NO ESCAPE
THERE IS NO ESCAPE
THERE IS N"
Aside from that, this remembers me of chromium storing password in plain text
oobe is so scared of Enderman it just breaks without him doing anything
2:40 oobe part that says "Hi" is also selectable
still russian accent. i love it
I know English is already the language of the world and most Slavs including Russians are often fluent in it, but it makes me wonder if Interslavic will ever be a popular language.
I am from Russian to
Why would it go away? I guess if he really made an effort to get rid of it but one would have to care a lot to bother to do that.
It's cringe
@@R1ch4rd you don't have to watch. Plenty of other UA-camrs.
1:24 they even used to force people to set up these, which really sucks for this plaintext security thing
why dors microsoft even force you to do these? makes me have to spam my keyboard, AND NOW THAT IS EVEN NOT SECURE?????
Video idea: bricking a windows system by flipping a single bit of
yo what? You dont get the option to skip it?
@@themen3ace yup. That's why this is so bad.
You can only skip these questions if you use command prompt to create the user account (or I think you can also use computer management in Pro editions) and then delete the previous one which has the security questions
Edit: or you can just leave the password empty during the OOBE ;)
and then remove them
just setup the oobe like normal but in the password field don’t field anything just press to skip the password field because on windows you can go to control panel and create a password it will not ask for security questions
2:49 you definitely dont want magic to happen when you are an sorcerer on your own
i love those experiments
Glad you enjoy them as much as I do!
"Don't use Windows security questions"
"Don't use windows" was enough for me
Kitties! You should do a video just showing off your cats.
It's crazy all the content you make, I love it! I've been following you for a while now, I never get tired of your videos!
PS: Not bad cats 😺
I mean, I'm not sure this is a security hole. You need to be an administrator to perform this. You can already change anyone's password if you're an administrator. The only problem with not hashing the answers is that an administrator can read them - and your answers should probably not contain sensitive information. So while they don't increase security, I'm not sure that they decrease it at all.
Many people lose their passwords and get saved by security questions. Which only someone with your computer can answer.
@@MuhammadDaniyal-wk3hp Nonsense. If you lose your password just reset it. All you need is any usb drive with windows on it. You don't need security questions.
i rlly like these more casual styled videos, pls do more
I love joining early to the premieres, the description is like: Links? Later
14:00 I love how Windows doesn't even warn you, when you've reused the same or older password. Which is usually a Microsoft thing. 😅🤣
#BrokenW11
7:45 i love how he accidentally says "or 3 и (russian for and) 9"
Nice catch! Though I was referring to the hex number 3E9...
the registry said 3E9 and not 3 И 9
It was literally "3E9" if you see on the far left, but that would be an interesting mistake.
So cringe
@MoneyGrab yeah, "три E9" xD
Honestly, I think this means the only reasonable answer to a security question is the entire song text of "never gonna give you up" (or as much that fits). That way, if someone hacks you, at least you Rickroll them.
4:37 how did you get it to just be toggles? I've seen that UI before but always thought it was just early W10. It looks so much easier to decline than clicking No then Next over and over. Is it a GDPR thing where they can't have it pre-ckecked so have it as options instead?
finally normal video with voice
Omg Enderman uploading more videos!! 🎉🎉 You're awesome buddy you really explain in detail ❤
Can you do full Command prompt guide I think its cool and I don’t feel like searching every single detail and I would not even know what to search
Even if they were encrypted, these security questions aren't secure at all. There is a long list of people who would know or easily find/guess all of these, including but not limited to: My cousins, my parents and most of their friends, my own friends, my grandparents, my uncles and aunts. I don't want any of them to have unrestricted access to my computer.
These experiments are always great lol, just like bashing MS outright.
They really seem to be a security vulnerability in themselves, but oh well. Anyway, hope you have fun with your other projects as well
Darn... This is quite cool from malware standpoint I must say... not for usual user, though! :D
Thanks for the video!
Windows Security Questions: Hi
Enderman: GO AWAY YOUR USELESS
Windows Security Questions: 😭😭😭
That was a great video. Good thing I never setup the security questions for my windows account anyway.
Even worse, your password isn't secure either..
@@jynz_l hello Roblox guy who made windows 10 in boblox
@@team-fortress-1 sorry, i only made windows 11 not windows 10.
@@jynz_l mb
jokes on windows back when it tried to make me use security questions i skipped making a password and made a password/passcode instead through control panel so it wouldnt give me the option to use security questions
That first zaglo one may be useful to outright dissble the questions
For me though, I don't have any security questions. When I set up my current PC, I already had a Microsoft Account. It appears that having a Microsoft Account allows you to get a recovery code via email or phone, instead of having to mess with security questions.
That OOBE speedrun plus hi-bye😂
i can now troll my friends with security questions
Here before the Enderman gets restricted by Google once again
I mean, if any service uses system rights to compromise your user account, they would already have access to the whole system...
holy enderman is on a uploading rampage
For anyone saying windows 11 is bad i didnt got the telemetry thing and i didnt get aerformance drop,i guess thats good
You can always use a Nokia 6303i Classic and watch your videos by encoding them in H264, making them 240x320 and 10fps at 3gp format. Trust me it is more fascinating than you think.
This really surpass all the security breach with generic questions easy to decrypt
Now with this is more hard find these questions
I didn't test it because I always set my password in a way which bypasses the security question screen, but I assume they store it in plain text to make the matching case insensitive, also allow double space or whatever... Not that I would call that a good idea and say that there aren't other ways to do that like e.g., Facebook handles the password validation (checks with a few iterations)
They are probably stored in plain text to make it REALLY EASY for the NSA !
The internet would be fixed if
A : They let you make a local account
Or
B : They let you make a local account
If you've got admin access to the system and wanted to change the password you could. You don't need to security questions to do that as you have system or admin powers. Seems kind of redundant to probe security question answers with a process that accesses the registry with admin privileges.
Should they store as plain text? Probably not... but would someone use this vector of attack when they already have access enough to do what they want? Not likely. Probably easier to scrape their system for browser sessions or something else.
wasn't the password itself stored in plain text pre nt 6.0?
honestly these security questions are insanely stupid, like you can't even ask yourself a question that only you would know the answer to, you only get 5 or 6 very specific questions that make you have to make up stuff
heck, even if they just stored a hash or there were procedurally generated salts, people could figure out what hashing salts were used and then they could just brute force through a list of names or cities, so they gotta do better than that
someone at microsoft got lazy
does it really matter when NTLM is already easy to crack?
this also requires file/registry access. if someone has that level of access, I think there are more important things to worry about than the answers to the questions
Imagine using windows in 2024 when proton lunches most windows apps anyway
16:22 Жду чтобы это было в NoEscape 🔥
Same OOBE error happened to me, the date was correct though
Probably an ambiguous region was selected during initial ISO setup, like English Europe.
@@R1ch4rdworked eventually though? I didn’t do anything at all and it just did
@@jam06 it eventually works, that's correct, but the error still persists.
Tbh windows 10 is more usable, it's more accessible, easier to use and to understand, don't force things upon you (security questions), is less annoying to use and it still runs fast, but tbh if you're that skilled to code a program like that and to know that E39 or whatever that was is id user 1001 then you're not even in need in using these questions to decrypt password cause you can do some stuff to set that force password reset to 1 and boom!
Only a minute left!
i saw you at his telegram channel xd
Oh! Watching during premiere and it’s a video where my adhd ass will actually watch it because it’s a voiceover
11:50 i love that
At least they should have hashed the answer value if they deadly wanted to put plain json directly into registry.
Remember guys, password in the system without any encryption is the password to prevent your toddler accessing the PC or to prevent your random classmates from googling black-orange UA-cam when you don’t look at the laptop
Love your voice man, where are you from?
@@eliaskerlin5465 Russia
You can find owner email of a MacBook with diagnostic logs bruh
I watched this on the student transportation van on the way home from school during the instant premier
Sit back while Microsoft collects more of your data .. err .. updates itself =)
Cool!
Reminds me of how GD stores your password in your save file in plain text
you still have to decrypt ur save file ig lol
@@SOTP. It's not encrypted, just compressed with gzip
@@9vlc pretty sure it also uses xor and uses base64
Actually, my dads friend (The guy who made my pc) didn't answer the security questions becuase he said "It's useless"
Is bitlocker secure? What if you encrypt your whole drive? Would that work against Windows 11 bypass or Microsoft account password recovery?