

Windows 8 stores logon passwords in plain-text - cschramm
http://www.passcape.com/index.php?section=blog&cmd=details&id=27&setLang=2

======
teovall
The phrase "stored in plain text" does not mean anything near the same thing
as "encrypted with AES in the Windows Vault using the Data Protection API".
This story is complete hogwash.

~~~
IanDrake
I'm thinking the same thing. These aren't website passwords, they need to be
recoverable by an administrator. I'm sure this is by design.

~~~
viraptor
Why do you think they should be recoverable by anyone? You can verify your
details against a hash, or reset them anyway.

