SAM / Recover Password
Posted on 2009-02-16
Considering a criminal had stole a corporate laptop. What techniques do hackers use these days to get hold of the actual password for the PC's local users / profiles. The Laptop is XP OS and when on the network logs into our active directory. I have read local user passwords live in the SAM hive.
Fortunately, we have not had any laptops stolen (yet), and are looking into disc encryption. We can engage an external pen tester to see how susceptible our group policies are to passwords being obtained by a malicious source. But if I could find out which settings help protect a users password that would be a good starting point.