Does Windows Server 2003 store passwords in a salted has format?

I am running a windows server 2003 stand alone server. Not connected to active directory.  I need to know if when I create a local luser account and password does it do the following automatically or can I do it this way?

Passwords must be stored in a salted hash format. The salt used must be unique to each user. Approved hashing algorithms include those with a minimum strength of 256 bits, e.g. SHA-256.
Who is Participating?
flyingskyConnect With a Mentor Commented:
Windows can store passwords in two ways. LM Hash or NT Hash (pretty
strong if users can come up with a good strong password).

For LM Hash --because DES is used to create a hash, so it is weak.
For NT Hash - MD4 or MD5 is used

Salting is not used when storing the passwords - hashes.
kdschoolAuthor Commented:
I am using NT passwords.  Would you argue that these are as strong as using salting?  If salting is not an option for windows NT then maybe they are refering to another platform.  I just want to get enough valid informatoin so iif they ask me why I can respond appropriately.  Thanks.
kdschoolAuthor Commented:
I found a really good article on this and windows. Thanks for your direction
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.