Researchers from Switzerland have developed a scheme that lets them crack most Windows passwords in about 13 seconds, reducing the time it takes to break these codes by more than a minute and a half. The scheme enforces a growing concern in the security community that the way in which Microsoft encodes passwords in Windows is inherently weak, opening the door for cracking programs to use brute-force methods to test and break passwords.
Philippe Oechslin, one of the Swiss researchers, recently published a paper online called "Making a Faster Cryptanalytic Time-Memory Trade-Off," which highlights the new password cracking scheme. According to the paper, the cryptanalytic time-memory trade-off is based on a technique first developed in 1980. "As an example we have implemented an attack on MS-Windows password hashes," the researchers write. "Using 1.4GB of data (two CD-ROMs) we can crack 99.9 percent of all alphanumerical passwords hashes ... in 13.6 seconds whereas it takes 101 seconds with the current approach using distinguished points. We show that the gain could be even much higher depending on the parameters used."
Oddly, the researchers weren't really interested in cracking Windows passwords, but were rather trying to demonstrate the previous theoretical cryptanalytic time-memory trade-off technique. They note that Microsoft's passwords are weak because, when encrypted, they do not include any random information. Thus, the same password on two different Windows machines will always be the same when encrypted as well. This makes it much easier to break the password encryption, they note.
While its possible to generate more secure passwords by using non-alphanumeric characters and other special characters, the researchers say that even this won't solve the inherent problem in Windows because all they'd need is more time or a larger data set (or both) to crack those passwords as well.