The software "System Recovery" from the Russian company Elcomsoft makes it possible to crack Microsoft accounts which provide access to Windows 8(.1) and Windows 10 but also to Outlook.com, OneDrive and Xbox Live. The System Recovery software previously already made it possible to gain access to local Windows accounts.
Now the software is is able to cracking Microsoft accounts it is an even more powerful tool. Not only does a cracked password provide access to several Windows operating systems, it also provides access to many online services for which a Microsoft account is required.
Cracking the password is possible because Windows 8(.1) and Windows 10 store a local copy of the password hash of the Microsoft account to make sure users can login to their computer offline. The hash can then be brute forced which, according to Elcomsoft, in many cases results in the original plain text password. For bruteforcing Elcomsoft also has a tool available called Distributed Password Recovery which also makes use of the GPU to crack the password hash.
Elcomsoft also mentions that the Microsoft account provides access to the recovery keys of Bitlocker, the disk encryption tool in Windows. These recovery keys are also stored within the Microsoft account. Other things that can be accessed with a cracked Microsoft account password is the search history in Microsoft's search engine Bing, the Find my Phone feature and also Skype's timeline when Skype for Web is used.
Access to a Microsoft account can only be obtained if Elcomsoft's tools are able to brute force the password, users with long, complicated passwords might be relatively safe from this method as it takes a long time to brute force. Brute forcing means the software tries to repeatedly guess the password and check them against an available cryptographic hash of the password.
Nevertheless, System Recovery is able to reset the login of all Windows versions. Elcomsoft explains, "Elcomsoft System Recovery makes use of the local cache to reset the password and switch account type back to local (offline) authentication. Since the product comes with its own Windows PE-based bootable environment, the tool has no problem accessing, modifying or resetting accounts even if the original password is not known."
This means that if you have sensitive data on your Windows computer and think you're safe when using a password to login, think again.
Elcomsoft's software is marketed as tools for digital forensics but with prices of $99 for the Standard edition and $299 for the Professional editions they are also relative affordable for consumers. The software is available immediately.
