


A wonder of Windows 2000 password

I recommend making your Windows 2000 password 15 characters or longer. The reason is that no information about the password is disclosed at all, even when Windows 2000 automatically sends your password over the network using the weak LM authentication. Let me explain why. Windows 2000 stores password information separately for LM authentication and for NTLM authentication. Both can be viewed with the well-known tool pwdump2. When the password is 15 characters or longer, the string stored for LM authentication becomes a constant value, "aad3b435b51404eeaad3b435b51404ee". This value represents a null password. So when Windows 2000 performs LM authentication using this information, the password sent over the network is actually a null password. In other words, Windows 2000 uses only NTLM authentication when the password is 15 characters or longer. Note that even though the password data for LM authentication represents a null password, no one can access your Windows 2000 machine remotely with that null password, so there is no need to worry. Incidentally, a Windows 2000 password can be up to 127 characters long.
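As an added example (not part of the original article and not a SecurityFriday tool), the following Python script audits pwdump-style output for accounts that still have an LM hash stored. It assumes the `user:rid:lm_hash:nt_hash:::` line layout; the function names are hypothetical, and every sample hash other than the two well-known empty-password constants is constructed.

```python
# Added example: audit pwdump-style lines for stored LM hashes.
# Assumed line layout: user:rid:lm_hash:nt_hash:::
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"  # LM constant quoted in the article
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"  # NT hash (MD4) of the empty password


def classify(line):
    """Return (user, status) for one pwdump-style line."""
    parts = line.strip().split(":")
    if len(parts) < 4:
        raise ValueError("not a pwdump-style line: %r" % line)
    user, lm, nt = parts[0], parts[2].lower(), parts[3].lower()
    # Some dump tools print a "NO PASSWORD***" placeholder instead of the constant.
    lm_absent = lm == EMPTY_LM or lm.startswith("no password")
    nt_absent = nt == EMPTY_NT or nt.startswith("no password")
    if lm_absent and nt_absent:
        return user, "empty-password"   # the password really is empty
    if lm_absent:
        return user, "ntlm-only"        # the case the article recommends
    return user, "lm-hash-stored"       # LM data exists; password is under 15 chars


def audit(dump_text):
    """Map each account in the dump to its status, skipping blanks and comments."""
    results = {}
    for line in dump_text.splitlines():
        if line.strip() and not line.lstrip().startswith("#"):
            user, status = classify(line)
            results[user] = status
    return results


# Constructed sample: hashes other than the two constants are made-up hex.
SAMPLE = """\
alice:1001:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::
bob:1002:00112233445566778899aabbccddeeff:fedcba9876543210fedcba9876543210:::
guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
"""

if __name__ == "__main__":
    for user, status in audit(SAMPLE).items():
        print(f"{user:8} {status}")
```

Checking the NT hash alongside the LM field matters because the LM constant alone cannot distinguish a 15-character password from an account whose password is actually empty.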

(Jun. 2001)

Note: It is the same for Windows XP and 2003.
Microsoft Knowledge Base Article - 299656
Method 3: Use a Password That Is at Least 15 Characters Long

OLD: Microsoft Knowledge Base Article - 299656

FYI: Ten Windows Password Myths (SecurityFocus)



SecurityFriday TM

(C)Azbil SecurityFriday Co., Ltd. All rights reserved.