Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: passwords via DPAPI cracking?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
In the "DPAPI Secrets. Security analysis and data recovery in DPAPI" page over on https://www.passcape.com/index.php?sectio...ails&id=28

there is a section near the end titled:
"Recovering user password without loading hashes from SAM/NTDS.DIT"


whose last paragraph reads:

[. . .] the recovery of user's password from the Master Key is not of any practical benefit. For example, in Windows 7, the password validation goes at the speed of about 10 p/s. Theoretically, the speed can be increased by a few orders of magnitude by optimizing the encryption algorithms and engaging GPU in the validation. [. . .]

Has this ever been on the goals list for oclHashcat?
No clue what DPAPI is