Solved

2008 AD Password hashing algorithm

Posted on 2016-08-05
Last Modified: 2016-08-09
Hi

We have been asked by an external source the following question:

Do you hash your passwords? What is the hashing algorithm used for the protection of passwords (Ex: Scrypt)? Are the passwords salted or hashed?

The only person who would possibly know this is on holiday! Is there a quick way to find this out within our Active Directory?

Thanks

Rich
0
Comment
Question by:Fletch_r21
3 Comments
 
LVL 20

Expert Comment

by:Daniel Van Der Werken
ID: 41744341
Are you managing user credentials yourselves or are you using Microsoft Windows for password and user management via the Active Directory?

If you are using Active Directory, then I suggest you read this article and reference it for your answers.

Otherwise, the only way to answer this question is to know how your application(s) are managing user credentials, which would be in your source code, most likely.
1
 
LVL 2

Author Comment

by:Fletch_r21
ID: 41744388
Hi Daniel

Thanks for your response. We are managing our passwords via Active Directory so I will read that article you have linked.

Thanks

Rich
0
 
LVL 38

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41744394
Active Directory uses Kerberos for authentication. Kerberos uses RC4 hashing for passwords, but this method only applies to authentication between domain members. Authentication against Active Directory using a non-domain system utilizes NTLM. Currently NTLM hashing utilizes MD4 or MD5, depending on which NTLM version is in use. Microsoft's solutions do not salt hashes. This cannot be changed.
0
