In the latest Windows 11 preview build, Microsoft removed the “bypassnro” command, which let users skip signing into a Microsoft Account when installing Windows.
In the latest Windows 11 preview build, Microsoft removed the “bypassnro” command, which let users skip signing into a Microsoft Account when installing Windows.
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 26200.5516 (KB5054687) to the Dev Channel. REMINDER: Starting with
You're viewing a single thread.
I use that command partially because Microsoft accounts don't allow passwords as long as the password I like to use for my PC
are you a horse battery staple wizard
Basically. It's essentially a full-on sentence and last time I looked, Microsoft allowed about half the character length.
Well, at least they aren't pretending to accept longer passwords but actually truncating it, like they used to in hotmail and live.
They were silently truncating the passwords to something like the first 16 characters, the rest was ignored.
Correct
my man
Which suggests to me that MS stores plaintext passwords. Because a hash function doesn't care about the length of what it's hashing, the output will always be the same length, so they could verify a 300 character password with the same storage space as a 3 character password.
Not how it works. You don't attempt to guess the hashed password, you guess a password which then is hashed
What's stored is hash(password). Then the password check is stored == hash(entered).
Hash(x) will be the same length, regardless of what x is. What that length is depends on which hash function it is. So the database can set the length of its storage for each user's password to the length of the hash and the hash function will take any size password.
Genuine question:
What's the point of a long password on Windows? I understand that sometimes you don't want people accessing your stuff, but all it takes to bypass that and someone access your files is booting off of a USB stick. Or do you perhaps use full disk encryption?
It's mostly my penchant for longer passwords in general. I did not plan to swap up strategies for my personal PC login account. Seeing microsoft demand a shorter password than I use almost everywhere else was... not promising.