On a Windows 2008 R2 machine, which is not part of an AD-environment, the local account passwords are stored using unsalted MD4 hashes. Is it possible, to
- Change the hashing algorithm and
- enable salting?
UPDATE 1:
I found a setting in gpedit.msc: Computer Configuration > Windows Settings > Security Settings > Security Options > System cryptography: Use FIPS compliant algorithms for encryption.
According to 1 this however does not seem to affect the hashing algorithm applied to user passwords.
1 Answer
No, You are not allowed to change Hashing Algorithm in server 2008
3
