Widely used [laptop] fingerprint reader exposes Windows passwords in seconds

Forums: Computer Security, Biometrics, Laptop Security, Fingerprint Reader, Computer Password
Email this Topic • Print this Page

Quote:

Widely used fingerprint reader exposes Windows passwords in seconds
If your laptop uses software from UPEK, it's exposing your Windows password.
Fingerprint-reading software preinstalled on laptops sold by Dell, Sony, and at least 14 other PC makers contains a serious weakness that makes it trivial for hackers with physical control of the machine to quickly recover account passwords, security researchers said.

http://arstechnica.com/security/2012/09/windows-passwords-exposed/

Does anyone here use one of those fingerprint scanners to lock/unlock their laptop?

Topic Stats
Top Replies
Link to this Topic

Type: Discussion • Score: 2 • Views: 2,683 • Replies: 2

No top replies

@tsarstepan,

Quote:

When activated, the software writes Windows account passwords to the registry and encrypts them with a key that is easy for hackers to retrieve.

It does seem as though the would have to have access to windows before they could get into the registry. Am I missing something?

1 Reply

@roger,

As I understand it, the registry is one of the first things to load up BEFORE Windows actually boots up during start up so no. When one turns on the computer, either the registry then/or the bios starts up first then one is prompted by the Windows password. So the registry has already been opened even before the Windows password has been asked for.

0 Replies

Widely used [laptop] fingerprint reader exposes Windows passwords in seconds

Related Topics

Quick Links

My Account

able2know