A fascinating story from a guy who knows where the bodies are buried. This basically works like an oracle. Cred Guard returns an opaque blob to LSA. L
[See the full post at: Steve Syfuhs: What happens behind the scenes when you type your password into the Windows logon screen]
![]() |
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
SIGN IN | Not a member? | REGISTER | PLUS MEMBERSHIP |
-
Steve Syfuhs: What happens behind the scenes when you type your password into the Windows logon screen
Home » Forums » Newsletter and Homepage topics » Steve Syfuhs: What happens behind the scenes when you type your password into the Windows logon screen
- This topic has 9 replies, 6 voices, and was last updated 4 years, 8 months ago.
Tags: Win10 logon sequence
AuthorTopicwoody
ManagerAugust 25, 2020 at 9:32 am #2291188Viewing 2 reply threadsAuthorReplies-
rc primak
AskWoody_MVPAugust 25, 2020 at 11:04 am #2291216Of course, Cred Guard only works on Enterprise Windows. The rest of us don’t get that protection, yet.
-- rc primak
1 user thanked author for this post.
-
doriel
AskWoody LoungerAugust 26, 2020 at 9:29 am #2291795Dont know where your information came from, but on my VM Windows 2004 Pro, there is Credential guard. I have no oportunity to test it on Home version now.
Interesting story anyway, thanks a lot for that.
Cached logon is separate for every domain user I think, cause computer somehow remembers imprint (opaque blob) of his last valid password. Every domain user with his own user folder (usually C:Users … ) can logon with his last used password offline. Even if this password is not valid on the domain anymore.
Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise
HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29
PRUSA i3 MK3S+
1 user thanked author for this post.
-
doriel
AskWoody LoungerAugust 27, 2020 at 12:37 am #2291934My bad @rc-primak, I mixed two things together – credential guard and credential vault.
Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise
HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29
PRUSA i3 MK3S+
1 user thanked author for this post.
-
rc primak
AskWoody_MVP
-
-
-
E Pericoloso Sporgersi
AskWoody LoungerAugust 26, 2020 at 2:14 am #2291746I’m rarely so very dense as today.
I have no idea what “Cred Guard returns an opaque blob to LSA.” means.
Repeat in school English, please.
1 Desktop Win 11
1 Laptop Win 10
Both tweaked to look, behave and feel like Windows 95
(except for the marine blue desktop, rgb(0, 3, 98)1 user thanked author for this post.
-
Paul T
AskWoody MVPAugust 26, 2020 at 2:59 am #2291748Windows Defender Credential Guard is an additional layer of security for your Windows login. You don’t need to know the terms to use it, but some of us are interested in how it works.
cheers, Paul
3 users thanked author for this post.
-
E Pericoloso Sporgersi
AskWoody Lounger
-
-
-
Biiljoy
AskWoody LoungerAugust 26, 2020 at 9:38 am #2291800This is not that serious for a hacker to overcome. Get admin access to install Security Support Provider and defeat that way, keylogger, I am not impressed with any Windows security. Android is the biggest target now but Microsoft is still up there, lots of exploits and dirty tricks galore. Don’t let Bill Gates break his own arm patting himself on the back.
I am more agreeable with the guy who pied him after win98 blue screen crash on demo boot.
-
rc primak
AskWoody_MVP
-
Viewing 2 reply threads -

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Search Newsletters
Search Forums
View the Forum
Search for Topics
Recent Topics
-
Windows 11 Insider Preview build 27863 released to Canary
by
joep517
8 hours, 19 minutes ago -
Windows 11 Insider Preview build 26120.4161 (24H2) released to BETA
by
joep517
8 hours, 20 minutes ago -
AI model turns to blackmail when engineers try to take it offline
by
Cybertooth
1 hour, 4 minutes ago -
Migrate off MS365 to Apple Products
by
dmt_3904
4 hours, 29 minutes ago -
Login screen icon
by
CWBillow
2 hours, 47 minutes ago -
AI coming to everything
by
Susan Bradley
8 hours, 30 minutes ago -
Mozilla : Pocket shuts down July 8, 2025, Fakespot shuts down on July 1, 2025
by
Alex5723
23 hours, 59 minutes ago -
No Screen TurnOff???
by
CWBillow
1 day ago -
Identify a dynamic range to then be used in another formula
by
BigDaddy07
1 day ago -
InfoStealer Malware Data Breach Exposed 184 Million Logins and Passwords
by
Alex5723
1 day, 12 hours ago -
How well does your browser block trackers?
by
n0ads
22 hours, 48 minutes ago -
You can’t handle me
by
Susan Bradley
10 hours, 20 minutes ago -
Chrome Can Now Change Your Weak Passwords for You
by
Alex5723
15 hours, 25 minutes ago -
Microsoft: Over 394,000 Windows PCs infected by Lumma malware, affects Chrome..
by
Alex5723
1 day, 23 hours ago -
Signal vs Microsoft’s Recall ; By Default, Signal Doesn’t Recall
by
Alex5723
1 day, 3 hours ago -
Internet Archive : This is where all of The Internet is stored
by
Alex5723
2 days ago -
iPhone 7 Plus and the iPhone 8 on Vantage list
by
Alex5723
2 days ago -
Lumma malware takedown
by
EyesOnWindows
1 day, 12 hours ago -
“kill switches” found in Chinese made power inverters
by
Alex5723
2 days, 9 hours ago -
Windows 11 – InControl vs pausing Windows updates
by
Kathy Stevens
2 days, 9 hours ago -
Meet Gemini in Chrome
by
Alex5723
2 days, 13 hours ago -
DuckDuckGo’s Duck.ai added GPT-4o mini
by
Alex5723
2 days, 13 hours ago -
Trump signs Take It Down Act
by
Alex5723
2 days, 21 hours ago -
Do you have a maintenance window?
by
Susan Bradley
1 day, 1 hour ago -
Freshly discovered bug in OpenPGP.js undermines whole point of encrypted comms
by
Nibbled To Death By Ducks
1 day, 23 hours ago -
Cox Communications and Charter Communications to merge
by
not so anon
3 days ago -
Help with WD usb driver on Windows 11
by
Tex265
11 hours, 45 minutes ago -
hibernate activation
by
e_belmont
3 days, 9 hours ago -
Red Hat Enterprise Linux 10 with AI assistant
by
Alex5723
3 days, 13 hours ago -
Windows 11 Insider Preview build 26200.5603 released to DEV
by
joep517
3 days, 16 hours ago
Recent blog posts
Key Links
Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.
Mastodon profile for DefConPatch
Mastodon profile for AskWoody
Home • About • FAQ • Posts & Privacy • Forums • My Account
Register • Free Newsletter • Plus Membership • Gift Certificates • MS-DEFCON Alerts
Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.