Hi,
Are the “places” where microsoft applications store passwords on the protected files / registry keys by default?
For exemple Office 2013 stores passwords here:
HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook
from 2002 to 2010:
[Windows NT onwards]
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles
[Prior to Windows NT]
HKEY_CURRENT_USER\Software\Microsoft\Windows Messaging Subsystem\Profiles
And network passwords are storred here (under win vista & 7):
APPDATA Location - C:\Users\<username>\AppData\Roaming\Microsoft\Credentials\
LOCALAPPDATA Location - C:\Users\<username>\AppData\Local\Microsoft\Credentials\
For XP:
APPDATA Location - C:\Documents and Settings\<username>\Application Data\Microsoft\Credentials\<user sid>\
LOCALAPPDATA Location - C:\Documents and Settings\<username>\Local Settings\Application Data\Microsoft\Credentials\<user sid>\
Should I add them to the protected files and folders to make sure that a malicious program doesn’t try to get them?
SOURCE: http://securityxploded.com/outlookpassworddecryptor.php // Exposing the Secret of Decrypting Network Passwords - www.SecurityXploded.com