Well, I did some more research into the NT password security issue and I discovered that I can get access to the Security section of the registry and there are some VERY interesting values there, stored as raw hex. I created a test user and checked the values of these registry keys with two different passwords and iterestingly enough the data in the keys changed when I changed the password. I plan on doing some more work, including changing the values and seeing if the password change, but I've been somewhat busy lately. I've st up a web page at http://shadowland.rh.uchicago.edu/ntcrypto.html that has the password I used and the data in the two registry values that changed when I changed the password. I invite people to look at it and speculate what the change means. Also, I can provide a few more plaintext/cyphertext pairs if necessary. The change in the values could be something like update time, but I don't think that they'd store that as raw hex, espically hex as long as the stuff I got. Good luck figuring it out. _____________________________________________________________________________ Ted Cabeen cabeen@netcom.com Finger for PGP Public Key secabeen@midway.uchicago.edu "I have taken all knowledge to be my province." cococabeen@aol.com