I recently started experimenting with Hash Suite 3.5.1 – a Windows program that tests the security of password hashes.
A problem I’m already running into is that Hash Suite is only able to see the username and hashes on my Windows 10 laptop but not my Windows 10 desktop. The main difference (that I can see) between the two PCs is that my laptop has BitLocker enabled! There must be something else that I’m missing here, related to the SAM file version and behaviour.
I can see my usernames in Hash Suite when using the "Import: Local accounts" option.
I haven’t been able to test this against an offline copy of my laptop’s SAM file due to BitLocker making it more complicated to extract the SAM file (as Windows locks it when booted) but I will try to test this scenario soon.
An offline version of the SAM file reveals no username/hash pairs.
When attempting to import local accounts from within Windows (something that works on the laptop), I get the following error:
LM and NTLM are both greyed out when selecting the offline copy of my SAM file:
Does anyone have any ideas why these two different Windows 10 systems are behaving differently?