Windows account passwords, or NTLM passwords, are among the easiest to recover due to their relatively low cryptographic strength. At the same time, NTLM passwords can be used to unlock DPAPI-protected data such as the user’s passwords stored in Web browsers, encrypted chats, EFS-protected files and folders, and a lot more. In this article we argue about prioritizing the recovery of NTLM hashes over any other types of encrypted data.
Modern versions of Windows have many different types of accounts. Local Windows accounts, Microsoft accounts, and domain accounts feature different types of protection. There is also Windows Hello with PIN codes, which are protected differently from everything else. How secure are these types of passwords, and how can you break them? Read along to find out!