H3-2026-0011
Reversible Password Encryption Enabled on Domain Controller
| Category | SECURITY_MISCONFIGURATION |
| Base Score | 9.0 |
Description
When reversible password encryption is enabled on a Windows Active Directory (AD) Domain Controller, the Domain Controller stores users' passwords using a weak, reversible encryption scheme rather than the standard one-way hash. This is required by legacy protocols such as CHAP (used by remote access/IAS) and Digest Authentication in IIS, but it significantly weakens credential security. The setting applies only to passwords set after it is enabled – existing password hashes are not retroactively converted.
Impact
Attackers with sufficient access can decrypt the stored passwords by combining four components: the encrypted password blob (G$RADIUSCHAP) from the user's userParameters attribute in Active Directory; a 16-byte randomly generated value (G$RADIUSCHAPKEY); the global LSA secret; and a static key embedded in RASSFM.DLL. Successfully recovering the encryption key allows the attacker to decrypt affected users' plaintext passwords, bypassing password cracking entirely and enabling lateral movement, persistence, and cross-service credential reuse.
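An audit script for the exposure described above, added here as an example and not part of the advisory: it reports whether reversible encryption is in effect at the domain or fine-grained policy level, lists accounts carrying the per-user ENCRYPTED_TEXT_PWD_ALLOWED flag, and, because only passwords set after the setting was enabled are stored reversibly, checks each flagged account's userParameters for the G$RADIUSCHAP marker. It assumes the ActiveDirectory RSAT module, read access to userParameters, and that the attribute is returned as a string in which the marker is matchable.

```powershell
# Added audit example (not the advisory's own tooling).
# Assumes the ActiveDirectory module and permission to read userParameters.
Import-Module ActiveDirectory

# userAccountControl bit that allows reversible encryption on a single account
$ENCRYPTED_TEXT_PWD_ALLOWED = 0x80

function Get-ReversibleEncryptionExposure {
    param([string]$Server = $env:USERDNSDOMAIN)

    # 1. Domain-wide setting from the Default Domain Policy
    $domainPolicy = Get-ADDefaultDomainPasswordPolicy -Server $Server

    # 2. Fine-grained password policies that turn the setting on for their subjects
    $fgpp = Get-ADFineGrainedPasswordPolicy -Filter * -Server $Server |
        Where-Object { $_.ReversibleEncryptionEnabled }

    # 3. Accounts with the per-user flag (bitwise AND via the LDAP matching rule OID)
    $ldap = "(userAccountControl:1.2.840.113556.1.4.803:=$ENCRYPTED_TEXT_PWD_ALLOWED)"
    $flagged = Get-ADUser -Server $Server -LDAPFilter $ldap `
        -Properties userParameters, PasswordLastSet |
        ForEach-Object {
            # Assumption: userParameters comes back as a string in which the
            # G$RADIUSCHAP property name is matchable. Its presence means a
            # password has been set since the setting was enabled, i.e. a
            # reversibly encrypted copy is actually stored for this account.
            $params = [string]$_.userParameters
            [pscustomobject]@{
                SamAccountName  = $_.SamAccountName
                PasswordLastSet = $_.PasswordLastSet
                HasChapBlob     = $params -like '*G$RADIUSCHAP*'
            }
        }

    [pscustomobject]@{
        DomainPolicyReversible = [bool]$domainPolicy.ReversibleEncryptionEnabled
        FineGrainedPolicies    = @($fgpp | Select-Object -ExpandProperty Name)
        FlaggedAccounts        = @($flagged)
    }
}

$report = Get-ReversibleEncryptionExposure
"Default Domain Policy reversible encryption: $($report.DomainPolicyReversible)"
"Fine-grained policies enabling it: $($report.FineGrainedPolicies -join ', ')"
$report.FlaggedAccounts | Sort-Object HasChapBlob -Descending |
    Format-Table SamAccountName, HasChapBlob, PasswordLastSet -AutoSize
```

Accounts reported with HasChapBlob set still hold a decryptable copy until their password is changed, so a password reset for those accounts should follow disabling the setting.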