ELCOMSOFT.COM » Proactive System Password Recovery

Behind asterisks

Top  Previous  Next

In many Windows applications (and in the operating system itself), there are some input fields (typically used to enter passwords) that always show their contents as asterisks (*). So when/if your password is saved in the system but you cannot see it because of that feature, you can use PSPR  to reveal it, automatically or manually.


The simplest mode is automatic: PSPR  scans all visible windows on the desktop, finds the ones where 'asterisked' controls exist, extracts/reveals their contents and prints them into its own window, along with some technical information such as window title, handle, and class. If the Make asterisk field visible option is set, all such controls will be changed so they will show the actual strings instead of asterisks.


Please note that in this (automatic) mode some controls (used by system services, JAVA applications, those with non-standard Windows class, etc.) will still not be revealed. Edit controls on web pages (opened by Microsoft Internet Explorer), however, are supported.


There is also a manual mode, which may help if there are too many windows on the desktop, and/or if the control you want to reveal has non-standard class. Press the second button and don't release the mouse button; drag the cursor pointer (which will be changed, by the way) to the field you're interested in, and drop it (release the mouse) there. When dragging, the 'active' window will be 'bordered'.


In manual mode, if you drop the pointer on a control that has Internet Explorer _ Server  class, you can get the HTML source of that control. This works for all applications that use IE frames, such as Internet Explorer itself, Windows Explorer, Outlook and Outlook Express, Microsoft Help and many others.


If both automatic and manual modes still fail to do the job, you may need to add a proper class name in options. It is also possible that this control has 'real' asterisks in it, simply indicating that the password is saved (e.g., as for Windows RAS).


Please note that there are some applications that try to detect such (revealing) 'attacks', when another program tries to get the string under the asterisks. For them, automatic mode should still work, but only if Make asterisks fields visible option is not set.


The other options are:


l        Stay on top: if enabled, the PSPR window will be always topmost.

l        Alternative scanning algorithm (for manual mode only): may help if you cannot locate the proper window to extract the text from – for example, if that control is disabled.

l        Transparent window  (Windows 2000/XP/2003 only): enable that option to make the PSPR  window transparent, so you will be able to see what is behind it.

Get more information about Proactive System Password Recovery
Get full version of Proactive System Password Recovery

(c) 2014 ElcomSoft Co.Ltd.