I am currently learning about MS Windows security and authentication procedures, and I have one question that I can't find an answer to.
There are the Local Security Authority (LSA) and the Security Account Manager (SAM), which are responsible for the authentication process.
LSA is responsible for validating the user for logon, and SAM holds the user's password as a one-way hashed value.
This value cannot be reversed back to the plain-text password. That basically means that when you try to log in, a hash is generated from your password and then compared against the hash in the SAM.
But I cannot find the hash algorithm that is used for hashing the user's password before the comparison procedure.
Logically there should be some place for storing this hash algorithm,
because this hash should always be the same for a particular user at least.

Could that be in lsass.exe itself?


Votes + Comments
Interesting question, well written.