"n April 2010, during a 6:30 a.m. check of his servers -- by then part of his daily routine -- Milburn stumbled on a folder buried in an obscure Microsoft directory, one that’s normally unused. What he found inside startled him. The file contained the encrypted versions of all eight passwords in his system -- the keys to the entire network. The hackers could use the passwords to control just about anything he could, from web servers to e-mail."
Ah. He just decrypted the encrypted versions of his passwords by looking at them. I see.
And he "stumbled upon" a directory during his routine 6:30am check. Really? He's manually inspecting servers every morning at 6:30am?
>...decrypted the encrypted versions of his passwords by looking at them. I see.
I think this means the hashed passwords. Microsoft have had several vulnerabilities in this area. Just entering a password to browse a server caused Windows (prior to Vista) to store the LM hash. An LM hash can be reversed in a matter of seconds.
Ah. He just decrypted the encrypted versions of his passwords by looking at them. I see.
And he "stumbled upon" a directory during his routine 6:30am check. Really? He's manually inspecting servers every morning at 6:30am?
This entire story is several levels of /headdesk.