Windows 10, Outlook, Skype and SkyDrive passwords easily hacked with Russian software

vbimport

#1

We’ve just posted the following news: Windows 10, Outlook, Skype and SkyDrive passwords easily hacked with Russian software[newsimage]http://www.myce.com/wp-content/images_posts/2016/03/16310708dc7e8e8120e36f689a1-95x75.jpg[/newsimage]

The software “System Recovery” from the Russian company Elcomsoft makes it possible to crack Microsoft accounts which provide access to Windows 8(.1) and Windows 10 but also to Outlook.com, OneDrive and Xbox Live. The System Recovery software previously already made it possible to gain access to local Windows accounts.

            Read the full article here: [http://www.myce.com/news/windows-10-outlook-skype-skydrive-passwords-easily-hacked-russian-software-78937/](http://www.myce.com/news/windows-10-outlook-skype-skydrive-passwords-easily-hacked-russian-software-78937/)

            Please note that the reactions from the complete site will be synched below.

#2

Unless this also applies to Windows 7, it’s another good reason to stick with it.


#3

[QUOTE=voxsmart;2770586]Unless this also applies to Windows 7, it’s another good reason to stick with it.[/QUOTE]

I think it would apply to Windows 7 if “[I]Windows 8(.1) and Windows 10 store a local copy of the password hash of the Microsoft account to make sure users can login to their computer offline.[/I]” applies to a Windows domain account as well. If it is only talk about logging on to your Microsoft account, chances are it only applies to 8-10 users, but only those logging on to online accounts instead of the usual local account like I do in Windows 10.

I am a little uncertain as to what is covered by the tool, but then again, cracking the local SAM database never been too much trouble :flower:


#4

Actually, it applies to Windows 7, 8/8,1 and 10, and all other versions listed here https://www.elcomsoft.com/esr.html#chart. Resetting or changing Windows password is possible no matter whether you authorise online or offline. The only thing you should remember is that after resetting your password you may lose access to all data protected with encryption based on Windows password (e.g. EFS encryption). That’s why extracting password hash and brute forcing it (speed is rocket high) is a better option to recover the original password. :slight_smile:


#5

[QUOTE=Elcomsoft;2770627]Actually, it applies to Windows 7, 8/8,1 and 10, and all other versions listed here https://www.elcomsoft.com/esr.html#chart. Resetting or changing Windows password is possible no matter whether you authorise online or offline. The only thing you should remember is that after resetting your password you may lose access to all data protected with encryption based on Windows password (e.g. EFS encryption). That’s why extracting password hash and brute forcing it (speed is rocket high) is a better option to recover the original password. :)[/QUOTE]

Thank you for the clarification :iagree:

… and welcome to the forum Elcomsoft :flower: