Skip navigation

Q. Where in the registry are my passwords for Microsoft Fingerprint Reader stored?

A. When you register you fingerprints via Microsoft Fingerprint Reader, the software updates your SAM account under the HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users registry subkey. (This subkey is hidden; if you try to access it, you'll see only an empty SAM key.) The actual passwords are stored in the HKEY_LOCAL_MACHINE\SOFTWARE\DigitalPersona\DB\Data\Users subkey. In this subkey, each user whose fingerprints are registered has an entry. The main logon password is a binary value in the format S.MainSystemLogon.\{3AC492E9-E0B8-497A-B4DF-2C360C7842EB\}; the data for this value is the password. Web site passwords are in the format U.9C3CD43FDEE43E47.\{3AC492E9-E0B8-497A-B4DF-2C360C7842EB\}. The HKEY_LOCAL_MACHINE\SOFTWARE\DigitalPersona\DB\Data\IdList subkey maps the value in brackets to the user ID.

The password data is encrypted and unreadable. However, unlike regular password storage, which is a hashed base process and not reversible, passwords that are used with Fingerprint Reader can be converted back to their regular format. Thus, you shouldn't use Fingerprint Reader to allow access to highly secure material because passwords can be unencrypted.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.