
windows hashes facts


  • Built from at most 14 characters of the all-uppercased password.
  • Divided into two 7-byte chunks.
  • Both chunks are DES encrypted and stored.
  • Default in all Windows versions prior to MS Vista


  • Takes the original password (max 127 bytes) and hashes it with MD4


As NTLM, but:

  • uses a client challenge in the computation
  • includes timestamps -> immune to replay attacks


  • Only used if a NetBIOS or DNS name is used to connect
  • provides authentication for servers and clients
  • <2008 uses RC4
  • >2008 uses AES