Q. Where in the registry are my passwords for Microsoft Fingerprint Reader stored?

John Savill

December 9, 2004


A. When you register your fingerprints via Microsoft Fingerprint Reader, the software updates your SAM account under the HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users registry subkey. (This subkey is hidden; if you try to access it, you'll see only an empty SAM key.) The actual passwords are stored in the HKEY_LOCAL_MACHINE\SOFTWARE\DigitalPersona\DB\Data\Users subkey. In this subkey, each user whose fingerprints are registered has an entry. The main logon password is a binary value with a name in the format S.MainSystemLogon.{3AC492E9-E0B8-497A-B4DF-2C360C7842EB}; the data for this value is the password. Web site passwords have names in the format U.9C3CD43FDEE43E47.{3AC492E9-E0B8-497A-B4DF-2C360C7842EB}. The HKEY_LOCAL_MACHINE\SOFTWARE\DigitalPersona\DB\Data\IdList subkey maps the value in braces to the user ID.

The password data is encrypted and unreadable. However, unlike regular password storage, which is hash-based and not reversible, passwords that are used with Fingerprint Reader can be converted back to their regular format. Thus, you shouldn't use Fingerprint Reader to allow access to highly secure material, because the stored passwords can be decrypted.
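
An inventory check for the store described above, as an added example that is not part of the original article: it lists entries by value name and shows who can read the key, without reading the encrypted data. It assumes the entries are values directly under the Users subkey; the function name and the sample names used when the key is absent are constructed for illustration.

```powershell
# Added example, not from the original article.
# Assumption: entries are registry values directly under the Users subkey,
# named in the two formats the article gives.
$UsersKey = 'HKLM:\SOFTWARE\DigitalPersona\DB\Data\Users'

function Get-FingerprintCredentialEntry {   # hypothetical helper name
    param([string[]]$ValueName)
    # S.MainSystemLogon.{GUID}  -> main logon password
    # U.<hex id>.{GUID}         -> web site password
    $pattern = '^(?<kind>[SU])\.(?<id>[^.]+)\.(?<guid>\{[0-9A-Fa-f-]{36}\})$'
    foreach ($name in $ValueName) {
        if ($name -match $pattern) {
            [pscustomobject]@{
                Type     = if ($Matches.kind -eq 'S') { 'Logon' } else { 'WebSite' }
                EntryId  = $Matches.id
                UserGuid = $Matches.guid   # resolved to a user ID via the IdList subkey
            }
        } else {
            Write-Warning "Unrecognized value name: $name"
        }
    }
}

$keyPresent = Test-Path -LiteralPath $UsersKey
if ($keyPresent) {
    # Value names only; the binary data (the encrypted password) is never read.
    $names = (Get-Item -LiteralPath $UsersKey).GetValueNames()
} else {
    # Constructed sample names, taken from the article's two format examples.
    $names = @(
        'S.MainSystemLogon.{3AC492E9-E0B8-497A-B4DF-2C360C7842EB}',
        'U.9C3CD43FDEE43E47.{3AC492E9-E0B8-497A-B4DF-2C360C7842EB}'
    )
}

# How many reversible credentials each enrolled user has, by type.
Get-FingerprintCredentialEntry -ValueName $names |
    Group-Object -Property UserGuid, Type |
    Select-Object -Property Count, Name

# Who is allowed to read the store. Any principal listed here can obtain the
# encrypted blobs, which the article notes are recoverable.
if ($keyPresent) {
    (Get-Acl -LiteralPath $UsersKey).Access |
        Select-Object -Property IdentityReference, RegistryRights, AccessControlType
}
```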
