Someone I know needed to recover a Windows password.
They ran a utility that scanned the disk and gave them a password.
The password worked, but they are 100% positive that the password wasn't the original password, which was a person's or pet's name and an important date.
The password generated was a random mix of letters and numbers but apparently it matches the "Hash".
I take it that the "Hash" is a resultant formula based on the entered password, so any string of text that is fed into the formula and matches the "Hash" will unlock the computer?
Is this correct? A plain English explanation of how it works would be most welcome.
I understand that this doesn't work on modern versions of Windows; is this true?
I don't know specifically what standard Windows uses but access mechanisms that rely on a password generally use a one-way hash.
A simplified explanation without the maths and other security features:
When you create/change a password the system takes the clear text and uses an algorithm to generate the hash. The algorithm is designed so that it is easy to generate a hash but mathematically and computationally impractical to take the hash and reverse the process. The hash is then stored as your password.
When you subsequently login, the system takes what text you've entered as your password, hashes it again using the same mechanism and compares it to what it stored.
If you forget the password you can either:
a) Read the hash from storage and spend a few years of compute time hoping to reverse the hash.
b) Replace the stored hash with a newly generated one and tell the user what text you used to generate the new hash.
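As an added illustration of the mechanism this answer describes (example code written here, not code from the original post, and not the format Windows itself uses to store credentials), a small Python model of the create/login/reset cycle: the in-memory account store, the random salt and the choice of PBKDF2-SHA256 are all assumptions. Login never sees the original text, only whether the hash of what was typed equals the stored hash, which is why option (b) works without ever recovering the old password.

```python
import hashlib
import hmac
import os

# Constructed in-memory "account database": username -> (salt, hash).
# Assumption for illustration only; real systems use their own storage format.
ACCOUNTS = {}


def hash_password(password: str, salt: bytes) -> bytes:
    """One-way function: cheap to compute, impractical to reverse."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)


def set_password(user: str, password: str) -> None:
    """Create/change: the clear text is hashed and only salt + hash are stored."""
    salt = os.urandom(16)
    ACCOUNTS[user] = (salt, hash_password(password, salt))


def verify(user: str, attempt: str) -> bool:
    """Login: hash what was typed with the same salt and compare to what is stored.

    Any input whose hash equals the stored hash is accepted; the system has no
    way to know whether it was the "original" text or not.
    """
    if user not in ACCOUNTS:
        return False
    salt, stored = ACCOUNTS[user]
    return hmac.compare_digest(hash_password(attempt, salt), stored)


def reset_password(user: str, new_password: str) -> None:
    """Option (b): overwrite the stored hash with one made from known text.

    The old password is never recovered; it simply stops being valid.
    """
    set_password(user, new_password)


def stored_hash_hex(user: str) -> str:
    """Helper so a caller can see that a reset really changed the stored hash."""
    return ACCOUNTS[user][1].hex()
```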