On Wed, 21 Oct 1998, bt398 wrote: > Microsoft did it the other way. The function returns the uncrypted password > to a buffer (... no comment). > > Indeed, this is not _big_ deal but if a user has access to your computer > after you logged then he can easily retrieve your password.. And I am sure > that a lot of people uses the same password for their mail and their > windows password (so it is somewhat a security problem). I attached a small > program that prompts the password of the user (you must have logged in > first); this only work on Windows for Workgroup 3.11 and Windows 95 > (Windows 98 and Windows NT are not affected -hopefully-). [cachepig.zip removed] NT (4.0 SP3+hotfixes) isn't affected, 98 is affected
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:20:48 PDT