Recovering Internet Explorer Passwords: Theory and Practice
Recovering Internet Explorer Passwords: Theory and Practice
1. Introduction
2. Types of passwords stored in Internet Explorer
2.1. Internet Credentials
2.2. AutoComplete data
2.3. AutoComplete passwords
2.4. FTP passwords
2.5. Password Synchronization
2.6. Identities passwords
2.7. AutoForms data
2.8. Content Advisor password
3. Brief overview of the programs Internet Explorer password recovery
4. PIEPR – the first contact
5. Three real life examples
5.1. The current recovery FTP user passwords
5.2. Password Recovery web site a downloadable operating system
5.3. Retrieving stored passwords rare
6. Conclusion
1. Introduction
Nobody is likely that questions the fact that Internet Explorer web browser is most popular today. According to statistics, approximately 70% of Internet users prefer to use only this program. Arguments about its pros and cons can last forever, however, this browser is the leader in its industry, and this is a fact that requires no proof. Internet Explorer makes integrates several technologies designed to make life easier for the average user. One of them – IntelliSense – is done to take care of routine tasks, such as automatically end visited website addresses, automatic filling of form fields, user passwords, etc.
Many Web sites now require registration, which means, the user would enter username and password. If you use more than a dozen such sites site, you may need a password manager. All modern browsers have built-in password manager in your arsenal, and Internet Explorer is not a stranger. Of Indeed, why one has to remember another password if you are forgotten soon anyway? Much easier would be to have your browser do the routine work to remember and store passwords for you. It is convenient and comfortable.
This would be a totally perfect, however, if your Windows operating system crashed or reinstall not how it should be reinstalled, you can easily lose all your passwords precious list. That is the toll for the comfort and convenience. Okay almost every site has a saving of "I forgot my password 'button. However, this button does not always have your headache you.
Every software developer solves the problem of password recovery forgotten their own way. Some of them officially recommend copying a couple of important files to another folder, while others send all registered users a special utility that allows the management of migration of private data, and the third claim that are not seeing the problem. Nevertheless, the demand created the supply, and programs to recover the password currently in high demand.
In this article, we will try to classify types of private data stored on Internet Explorer, look under programs for data recovery, and the study of examples actual recovery of lost Internet passwords.
2. Types of Internet Explorer saved passwords
– Internet Explorer can store The following types of passwords:
– Internet Credentials
– AutoComplete data
– AutoComplete Passwords
– Passwords FTP
– Synchronizing passwords for websites Cached
– Identities passwords
– AutoForms Data
– Content Advisor Password
Let's take a closer look to each item listed.
2.1. Internet web sites Credentials
Internet credentials means user logins and passwords needed to access certain websites, which are processed by the library Wininet.dll. For example, when you try to enter the protected area of a website, you can see the following username and password for the system.
If the "Remember my password" is selected in the prompt, the user credentials are stored in the local computer. Earlier versions of Windows on the 9th data stored in PWL file User Windows 2000 and later be stored in protected storage.
2.2. AutoComplete data
AutoComplete data (passwords will be covered more below) are also stored in Protected Storage and appear as lists of names of HTML form field and the corresponding user data. For example, if a page HTML contains an e-mail address entry dialog: once the user entered your email address, the name will be Protected Storage HTML field, the value of the address, and the time the record was last accessed.
The HTML page title and address of the site not are stored. Is that good or bad? It is difficult to determine; more likely to be good than bad. Here are the obvious advantages: it saves space and speeds performance of the browser. If you think that the last note is insignificant, try to imagine how it must perform several additional checks in a multi-thousand (this is not as strange as it sounds) auto-complete the list.
Another obvious advantage is that identical data by name (and sometimes by theme) HTML form fields is stored in the same place, and common data will be used for automatic filling of these sites. We'll see that in this example. If an HTML page contains an auto-complete box with the name of 'email', and the user entered their email address in this field, IE will put into storage, approximately my@email.com email = '. From now on, if the user opens another website, which has a page with the same field name 'email', the user is suggested that auto-fill to the value entered on the first page (my@email.com). Thus, the browser capabilities of AI discovers something itself.
The biggest drawback of this method of data storage out of their advantage just described. Imagine, the user has entered auto-complete data on one page web. If anyone knows the name of the HTML form field, that person can create their own simple html page with the same field name and call it from a local disk. To find the data entered in this field, that person will not even need to connect to the Internet and open the original URL WWW.
2.3. AutoComplete Passwords
In the case of password data, however, as you probably guessed, the data is not automatically populated. Because passwords are stored autocomplete along with the name of the website, and each password is bound to one specific HTML page.
In the new version, Internet Explorer 7 both AutoComplete passwords and data are encrypted completely different, the encryption method is free from the deficiencies described above (if it can be classified as a defect.)
It is worth noticing that Internet Explorer allows users to manage auto-complete settings manually through the menu of options.
2.4. FTP passwords
FTP site passwords are stored more or less the same way. It is relevant to note that since Windows XP passwords FTP, also encrypted with DPAPI. This encryption method uses the logon password. Naturally, this makes it much more difficult recover lost or manually, as they now have to make the user's Master Key, SID and account password.
From Microsoft Windows 2000 operating system began offering data protection applications programming interface (DPAPI) API. It's just a couple of function calls that provide data-level operating system protection services to the user and system processes. On the OS level, we refer to a service that is provided by the own operating system and requires no additional libraries. For data protection, we mean a service that provides data confidentiality through encryption. Given that data protection is part of the OS, each application can now secure data without any specific cryptographic code that is not necessary function calls to DPAPI. These calls are two simple functions with various options to modify DPAPI behavior. Overall, DPAPI is a very easy to use service that benefit developers should ensure the protection of sensitive application data such as passwords and private keys.
DPAPI is a password-based data protection service: Requires a password to provide protection. The downside, of course, is that all protection provided by DPAPI is based on the password provided. That is offset by DPAPI using proven cryptographic routines, including Triple-DES and strong AES algorithm and strong keys, we to cover in more detail later. Since DPAPI is focused on providing protection to users and requires a password to provide this protection, logically uses the user password login protection.
DPAPI is not responsible for storing confidential information it protects. Is solely responsible encrypt and decrypt data for programs that call, such as Windows Credential Manager, the mechanism of private storage key, or any other third party program.
Please refer to the Microsoft Web site for more information.
2.5. Password Synchronization for cached websites
Synchronizing passwords free from having to enter passwords for websites cached (sites set to be available offline.) Such passwords are also stored in Protected Storage of IE.
2.6. Identities passwords
So are the watchwords identities. The management of identity-based access is not widespread in the Microsoft products, except, maybe, Outlook Express.
2.7. AutoForms data
A special paragraph must cover the form of self-completion method, which is a hybrid form of data storage. This method stores actual data in protected storage, and address, that data belongs, is stored in the user record. The URL written in the register is stored as plain text – is stored as a hash. Here is the algorithm for reading automatically fill in data IE 4-6:
=== 8RemoveAll ();
/ / Check if AutoForm passwords are present in the register
if (EntryPresent (cszUrl))
(
/ / Read Pstore passwords AutoForm
PStoreReadAutoformPasswords return (cszUrl, saPasswords)
),
false return;
),
/ / Check if the passwords AutoForm are present
BOOL CAutoformDecrypter: EntryPresent (LPCTSTR cszUrl)
(
assert (cszUrl)
DWORD dwRet, dwValue, dwSize = Sizeof (dwValue)
LPCTSTR cszHash = GetHash (cszUrl)
/ / Calculate the hash Problems
if (! cszHash)
return false;
/ / Check the record
dwRet = SHGetValue (HKEY_CURRENT_USER, _T (" Software Microsoft Internet Explorer IntelliForms SPW"), cszHash, NULL, & dwValue and dwSize);
remove ((LPTSTR) cszHash)
if (ERROR_SUCCESS == dwRet)
return true;
m_dwLastError = E_NOTFOUND;
return false;
),
/ / Retrieve hash address given by the text and translate it into hexadecimal format
LPCTSTR CAutoformDecrypter: GetHash (LPCTSTR cszUrl)
(
assert (cszUrl)
BYTE buf [0x10];
LPTSTR pret = NULL;
int i;
if (HashData (cszUrl, buf, sizeof (buf)))
(
/ / Assign a space
pret = new TCHAR [sizeof (buf) * sizeof (TCHAR) + sizeof (TCHAR)];
if (pret)
(
for (i = 0, i0)
[PHash dw] = (BYTE) ps;
/ / Hash real things
while (dwDataSize -> 0)
(
for (dw = dwHashSize; ps -> 0;)
(
/ / = M_pPermTable permutation table
[PHash dw] pHash = [m_pPermTable [PS] ^ pData [dwDataSize]];
),
),
),
=== 8
The next generation, the seventh of the browser, is more likely going to make this user storage mechanism data from its main data storage method, the decline of the old and Protected Storage. Better to say, auto-complete data and passwords from Now, this will be stored.
What's so special and interesting in this mechanism did MS decide not to use it as primary? Well, firstly, was the idea of encryption, which is not new at all, but simple and even genius, to misfortune. The idea is to stop and store encryption keys are generated each time you consider necessary. The raw material for keys would address the HTML page on the Web.
Let's see how this idea into action. Here's IE7 simplified algorithm to automatically fill saved data and password fields:
Save a Web page address. We will use this address as the encryption key (EncryptionKey).
2 get the registration key. RecordKey = SHA (EncryptionKey).
3 Calculate checksum for RecordKey to ensure the integrity of the registry key (the actual data integrity is guaranteed by DPAPI). RecordKeyCrc = CRC (RecordKey).
4 Encrypt the data (passwords) with the encryption key EncryptedData = DPAPI_Encrypt (Data EncryptionKey).
5 Save RecordKeyCrc + + RecordKey EncryptedData in the registry.
Discard EncryptionKey 6.
It's very, very difficult to recover the password without having the original web address. Decryption seems pretty trivial:
1 When the web page original is open, we have your address (EncryptionKey) and obtain registration RecordKey key = SHA (EncryptionKey).
2 Examine the list of all registry keys trying to locate the RecordKey.
3 If the RecordKey found, decrypt data stored with this key using the EncryptionKey. Data = DPAPI_Decrypt (EncryptedData, EncryptionKey).
Despite the apparent simplicity, this Web password encryption algorithm is one of the strongest today. However, it has one big disadvantage (or advantage, depending on which it is viewed.) If you change or forget the original Web page address, it will be impossible to retrieve the password for it.
2.8. Content Advisor password
And the last item on our list is Content Advisor password. Content Advisor was originally developed as a tool to restrict access to certain websites. However, for some reason was despised by many users (Surely, you can disagree with that.) If you have turned again under Content Advisor, entered a password and then forgot it, you will not be able to access most web sites on the Internet. Fortunately (or unfortunately) This is easily fixed.
The actual Content Advisor password is not stored as plain text. Instead, the system calculates the MD5 hash and stored in the Windows registry. In an attempt to access the restricted area, the password entered by the user is also hash and the hash is compared with that stored in the Register. Check out the code shown PIEPR Content Advisor password source:
=== 8 empty CContentAdvisorDlg: CheckPassword ()
(
CRegistry registration;
/ / Read the record
registry.SetKey (HKLM, "SOFTWARE Microsoft Windows CurrentVersion Policies Ratings ");
BYTE PKey [MD5_DIGESTSIZE] pCheck [MD5_DIGESTSIZE]
if (! registry.GetBinaryData ("Key" PKey, MD5_DIGESTSIZE))
(
MessageBox (MB_ERR, "Can not read the password.")
return;
),
/ / Get a user-set
CString cs;
m_wndEditPassword.GetWindowText (cs)
MD5Init ();
MD5Update ((LPBYTE) (LPCTSTR) cs, cs.GetLength () +1);
MD5Final (pCheck)
/ / Check hashes
if (memcmp (PKey, pCheck, MD5_DIGESTSIZE) == 0)
MessageBox (MB_OK, "The password is correct! ");
more
MessageBox (MB_OK, "Password incorrect".)
),
=== 8
He first thing you can think of is to try to choose the password by using brute force or dictionary attack. However, there is a smarter way to do that. You can simply remove the hash from the registry. That's all so simple … Well, it is best to rename the contrary, so if you ever need it, you can restore it back. Some programs also allow users to check the Content Advisor password, you drag out "password hint, toggle password and off, etc.
3. Brief description of the programs Internet Explorer Password Recovery
It is worth noting that not all programs password recovery suspect there are many ways to recover passwords. This is probably related to the fact that some passwords (for example, synchronization passwords) are not often used in real life, and FTP passwords are not as simple as 'removed'. Here is a brief description of the most popular commercial products password recovery for most popular browser on earth:)
Advanced Internet Explorer Password Recovery of the company is not unknown, ElcomSoft – does not recognize the encrypted passwords and FTP passwords AutoForm. Unless excluded, the latest version of the program may have learned to do that. Easy, convenient user interface. The program can be updated online automatically.
Internet Explorer Key Passware – Likewise, does not recognize certain types of passwords. Sometimes the program stops with a critical error when reading some rare types of URLs in IE. First sample two characters of passwords are recovered. The advantages worth mentioning are the spartan user interface and ease of operation.
Internet Explorer Password Thegrideon Software – Not bad, but can retrieve only three types of passwords of Internet Explorer (this is enough for most cases.) Managing passwords FTP correctly. Version 1.1 has problems AutoForm passwords recovery. It has convenient user interface, which somehow reminds one of AIEPR. One can be totally overwhelmed by beauty and usefulness of the website of the company.
Internet Password Recovery Toolbox Rixler Software – offers some functions than previously covered competitors. FTP can retrieve encrypted passwords and delete the selected resources. However, it has some bugs. By example, some types of records can not delete IE. The program comes with a detailed help file.
ABF Password Recovery ABF software – A program rather good with a friendly user interface. The list of record types supported by the program IE is not long. However, it is all right. The program can be classified as a multi-functional, as it can restore the passwords of other programs, too.
The major drawback of all the programs mentioned here is the ability to recover the currently logged on user only.
As stated above, the general body of Internet Explorer stored resources saved in a special storage called Protected Storage. Protected Storage has been developed specifically for the storage of personal data. Therefore the functions to with it (called PS API) are not documented. Protected Storage is first introduced with the release of version 4 of Internet Explorer, which, incidentally, unlike the third version was written from scratch.
Protected Storage provides applications with an interface to store user data that must be maintained secure or free from modification. Stored data units are called elements. The structure and content of information stored is opaque to the system protected storage. Access to articles is subject to confirmation in accordance with a user-defined style of Security, which specifies what confirmation is needed to access data, such as whether a password is required. In addition, access to the items is subject to a rule set accessor. There is an access rule for each mode of access: For example, reading and writing. set the access rule clauses are composed of access. Normally at the time of installation application, a mechanism is provided for a new application to request user access to items that may have been created previously by another application.
The elements are uniquely identified by the combination of a key, type, subtype, and the name. The key is a constant that specifies if the item is global to the computer or associated only with this user. The name is a string, usually chosen by the user. Type and Subtype GUIDs are usually specified by the application. Additional information on types and subtypes remains the system log and include attributes such as display name and user interface tips. For subtypes, the father of a fixed rate and is included in the registry as an attribute. The elements of the group type is used for a common purpose: for example, payment or identification. The Subtype group items share a common data format.
So, until very recently, all password recovery programs Internet Explorer uses undocumented APIs. That is why a constraint applied to significant recovery work: PS API can only work with passwords for the user who is logged on. When the system encrypts data stored in Protected Storage, in addition to all the world uses the user's SID, without which it is literally impossible (given the current level of functioning of computers 'Calculation) to retrieve stored passwords.
Protected Storage uses a very well thought through the method of data encryption that uses master keys and strong algorithms such as des, sha, and shahmac. Similar data encryption methods are now used in most modern browsers, for example, Opera or Firefox. Microsoft, meanwhile, quietly but surely develops and tests new. When this article was written in pre-beta version of Internet Explorer 7 Protected Storage is only used to store FTP passwords.
The analysis of this preliminary version suggests that Microsoft is preparing another "surprise" in the form of new algorithms, encryption interesting. No one knows for sure, but chances of the new security company InfoCard technology data participate in the encryption of private data.
So, with great confidence we can say that with the launch of Windows Vista and version 7 of Internet Explorer passwords be stored and encrypted with fundamentally new algorithms, and Protected Storage Interface, to all appearances, will become open to third-party developers.
It's a little sad, because we believe that the true potential of undiscovered protected storage. And I think:
– First, Protected Storage is based on the structure of modules, which lets you connect other storage vendors to it. However, during the past 10 years, while there protected storage, a single storage provider start-ups. Protected Storage System is the storage vendor only in the operating system, which is used by default.
– Secondly, has its own protected storage, integrated into the access management system, that for some reason, it is used in Internet Explorer or other MS product.
– Thirdly, it is not clear why Member States have decided to reject the storage protected data storage and AutoComplete passwords. Reject as a tried and true data storage, and data encryption mechanism. It would be Protected Storage logical shown to maintain at least for data storage in the implementation of an encryption algorithm. Without exception, there were compelling reasons for it. Therefore, it would be interesting to hear the opinion of specialists in multiple sclerosis with respect to this issue.
4. PIEPR – the first contact
Passcape Internet Explorer Password Recovery was developed specifically to circumvent the restriction of PS API and make it possible to recover passwords directly binaries from the registry. On the other hand, has a number of additional features for advanced users.
assistant program lets you choose a of several modes of operation:
– Automatic: current user passwords will be recovered by accessing the PS closed API. All user passwords currently stored in the current Internet Explorer will recover with a single mouse click.
– Manual: The passwords are recovered without PS API. main advantage of this method is the ability to recover passwords from your old Windows account. You'll need to specify path to file user registration. Log files are not usually available for reading, however, the technology used in PIEPR doing that (provided you have local administrative rights.)
User log file name is ntuser.dat, resident in the user profile, which typically% SYSTEMDRIVE%: Documents and Settings % USERNAME%, where% SYSTEMDRIVE% represents the system disk with the operating system and USERNAME%% is usually the account name. For example, the log file path might look like this: C: Documents and Settings Ntuser.dat John
If you ever been a happy owner of Windows 9x/ME, after upgrading the operating system to Windows NT, Protected Storage foresight saved a copy of your private information age. As a result, protected storage may contain multiple user IDs, so will ask PIEPR to select the most appropriate before reaching the decoding of data.
One of the SIDs in the list will contain data that leave the old Windows 9x/ME. These data are also encrypted password of user login and PIEPR is not currently compatible with the decryption of data.
If ntuser.dat contains encrypted passwords (eg passwords FTP sites), the program will need additional information in order to decipher:
– Start of session password of the user whose data has to be deciphered
– Full path to the user MasterKey
– User SID
Normally, the program finds the last two elements in the user profile and fill out the data automatically. However, if ntuser.dat was copied from another operating system, will have to take responsibility for his account. The easiest way to get the job done is to copy the entire folder with the user's primary key (there may be several of them) to the ntuser.dat folder. Master key lies in the following folder on the local computer:% systemdrive%: Documents and Settings % USERNAME% Application Data Microsoft Protection % users%, where% SYSTEMDRIVE% is the system disk with the operating system,%% username – account name Users%% – SID of the user. For example, the path to the folder with a key teacher may be the following: C: Documents and Settings Juan Application Data Microsoft Protection S-1-5-21 1587165142-6173081522-185,545,743 1003. Let it be clearly recommended to copy the entire folder S-1-5-21-1587165142-6173081522-185545743-1,003, which may contain several master keys. Then the key will automatically select PIEPR correct.
Windows marks as some hidden and system folders, so they are invisible in Windows Explorer. To make them visible, enable show hidden objects and view system settings or use an alternative file manager.
Once the folder with the user's master key is copied to the ntuser.dat folder, PIEPR automatically finds the necessary data, so you only have to enter the password for recovering FTP passwords.
Content Advisor
Content Advisor passwords, as mentioned already, is not stored as plain text but are stored as a hash. In the dialog box Advisor password management content, is sufficient to delete only (you can reset the password to remove at any time thereafter) or change the hash to unlock sites blocked by Content Advisor. PIEPR also display your password hint if available.
Asterisks Password
mode PIEPR quarter, which allows you to recover passwords of Internet Explorer hides behind the asterisks. To retrieve the password, simply drag the magnifying glass to the window **** with a password. This tool allows you to recover passwords for other programs that use IE also frameworks, such as Windows Explorer, some browsers based on IE, etc.
We have reviewed the basic modes of Internet Explorer password recovery. There are also a number of additional features for viewing and editing of cookies, cache, visited pages history, etc. We are not going to cover in detail but we will see a recovery of a few examples done with PIEPR password.
5.1. Three real life examples.
Example 1: Recovery of current FTP user password
To the open an FTP site, Internet Explorer is the record of the dialog box.
If you opened this site and set the "Save password option in the authentication dialog box, the password must be kept in protected storage, so that recovery is a fairly trivial job. Select mode PIEPR of Automatic and click "Next." Search our resources in dialogue with decrypted passwords that appears (the name of the site should appear in the Resource Name column.)
As we see, the decryption of the current user's password should not cause any particular difficulty. Oh, if the password is not for some reason – do not forget to check-IE Auto Complete configuration. Perhaps you simply do not have to configure the program to save passwords.
5.2. Three real life examples.
Example 2: We will have to recover passwords of websites. The operating system is unbootable.
This is a typical, but not fatal situation. The need to recover passwords from Internet Explorer after reinstalling Windows without success occurs with the same frequency.
In either case, we anterior profile of the user with all the files within it. This set is usually enough to do the job. In case of resettlement, Windows foresight saves the age profile with a different name. For example, if your account name was John, after changing the name may seem John.WORK-72C39A18.
The first and the first you have to do is to access the files on the age profile. Two ways of doing this:
– Installing a new operating system on a different hard disk, For example, Windows XP, and hook the old hard drive to.
– Create a boot disk for Windows NT. There are many different utilities for creating boot disks and USB flash drives available online. For example, you can use BartPE or WinPE. Or a different one. If your old profile is stored in a part of your hard disk NTFS, the boot disk will have to support NTFS.
Take the first path. Once access to the age profile, we must let the system to show hidden and system files. Otherwise, files that need to be invisible. Open the Control Panel, then click Folder Options, and select the View tab. On this tab, locate the "Display all hidden files and folders' and select it. Hide the Delete 'protected operating system files'. When passwords are required recover, it's best to restore these options for the way they are established before.
Open the program assistant in manual mode and specify the path to the file Old profile record. In our case, which is c: Documents and Settings John.WORK-72C39A18 ntuser.dat . When John.WORK-72C39A18 is the account name above. Click "Next."
These data should normally be sufficient to recover passwords of Internet Explorer. However, if there is at least one encrypted password FTP, the program requests for additional data, without which it will not be able to recover these types of passwords:
– User Password
– User Master Key
– SID of the user.
Normally, the program finds the last two articles of user profile and fill in automatically. But if not, you can do this by hand: ntuser.dat copy and the folder with the master key to a separate folder. It is important to copy the entire folder, which may contain multiple keys, and the program automatically select the correct one. Then enter the path to the ntuser.dat file you copied to another folder.
That's it. Now we have to introduce the old account password and the recovery is complete. If you do not mind the FTP password, you can skip the user's password, Master Key, and dialogue SID login.
5.3. Three real life examples.
Sample 3: Recover the passwords stored rare.
When sometimes we open a site web browser, the authentication dialog box appears. However, PIEPR it off, either automatic or manual mode. The 'Save Password "Internet Explorer is enabled. We must recover this password.
In fact, some Web sites to let the browser to save passwords the list of AutoComplete passwords. Often these websites are written in JAVA or use other methods of storing passwords, for example, which store passwords in cookies. A cookie is a small piece of text that accompanies requests and pages that go between the Web server and browser. The cookie contains information from the Web application can read whenever the user visits the site. Cookies provide a useful in Web applications to store specific information the user. For example, when a user visits your site, you can use cookies to store user preferences and other information. When you visit your website in another time, the application can retrieve the information already stored. Cookies are used for all types of effects, all relating to the website to help you remember. Essentially, cookies, Web sites store information about visitors. A cookie also acts as a kind of calling card, presenting proper identification that helps an application know how to proceed. But often criticized for weak security cookies and incorrect user identification.
If the field the password is filled with asterisks, the solution is clear: to select the operating mode PASSWORDS asterisks and then open dialogue magic magnifying glass. Then just drag the magnifying glass to the Internet Explorer window.
The password (passwords, if the Internet Explorer window has several fields with asterisks) will PIEPR appear in the window.
It is not always that simple. The password field can be empty or may contain field made *****. In this case, As you have guessed by now, the instrument asterisk password will be useless.
One may assume, the password is stored in cookies. We will try to locate it. Choose the IE Cookie Explorer tool.
The dialog that appears will list Web sites store cookies on your computer. Click the URL of the column header to sort the list of web sites in alphabetical order. This will help us find the right website easier. Go through List of web sites and select what we need. The following list shows the decryption of cookies on this website.
As the figure shows, in our case the name Username and password are not encrypted and stored as plain text.
Cookies are often encrypted. In this case, you are not likely to succeed password recovery. The only thing that can try to recover the old account is to create a new account. Then you will be able to copy the cookies of age in a text editor and replace them with new ones. However, this is only good when the worst comes to worst, not recommended for use as normal.
Do not forget also that almost all pages and forms with passwords have the 'Forgot Password button.
Conclusion
Like this article shows, password recovery Internet explorer is a fairly simple job that requires no knowledge or special skills. However, despite the apparent simplicity, systems and password encryption algorithms are very well thought out and implemented the same way. Although the concept of protected storage is more than 10 years of age, do not forget that proved very best expert recommendations and has been implemented through three generations of this popular browser.
With the launch of the next version, IE 7, Microsoft is developing fundamentally new schemes for the protection of our sensitive data in the using improved encryption algorithms and eliminates the shortage own protected storage.
In particular, the analysis of preliminary beta versions of Internet Explorer 7 has shown that AutoForm password encryption keys are no longer stored with the data. They are not stored, period! This is a little know-how, which must be estimated its real value, both for professionals and end users, finally, will benefits be shared anyway.
However, the main thing is, the launching the new concept will eliminate the biggest drawback own protected storage, which is the ability to recover passwords without knowing additional information. It rather, it was enough for a potential hacker to gain physical access to the contents of a hard disk in order to steal passwords or damage and the user data private. With the release of Internet Explorer 7, the situation changes somewhat.
Meanwhile, we'll just wait impatiently for the arrival of Windows Vista and Internet Explorer 7 to have a closer look at the encryption mechanisms used in the next generation of this popular browser.
This document may be reproduced or distributed freely provided that the
original article reference is placed in each copy of this document.
(C) 2006 Passcape Software. All rights reserved.
About the Author
Ivan Orlov, сhief programmer. http://www.passcape.com
What Is a CD?