[
forensicfocus.com] The former way to acquire the Windows logon password of user is to get a NTML hash value through the Windows logon session and registry then crack it. Figure 1 shows the well-known ways to get a NTML hash value of user’s windows logon password. All of the obtained information using these methods is NTLM hash and it needs to be cracked with password crack tools. If the password is too long and even hard to crack, it is difficult to acquire the user’s Windows logon password. … [infosec]
