msn sign in (xp-home sr1)

Topic

New Reply

This one puzzles me. I use Guard IE which deletes the cookies, temp internet files, and history each time I exit IE-6. It seems to work. But I noticed on my XP machine, when I return to MSN, even a week and 7 cold boots later, it knows my user name. On the 98 2nd ed machines it does not. I tried using Spider and that made no difference either. Any idea how that site does that? I don’t want it to. Thanks.

Reply | Quote

Replies

Agreed with cowboy. This is AutoComplete for User Names and Passwords. This is not related to index.dat files or History. You can set this on the Internet Options | Content tab | AutoComplete dialog box.

Reply | Quote

No, it’s not auto complete. When I click the sign in button the box opens with one of my user names already filled in. The other user name is available in a drop down box. The password box is empty. Auto complete does just that, complete something I start to type. This is pre filled in like a cookie would do. But it must be stored somewhere other than cookies, history, or temporary internet files. I will search the registry and see if it is in there somewhere.

Reply | Quote

Do you mean like below?

Reply | Quote

Very similar. But mine says sign in to msn groups. But basicly the same type box yes. But now the only way I can get the box is to sign out and then click sign in. Otherwise it logs me in automatically. And I don’t have the auto sign in box checked.

Reply | Quote

You are stumped because you don’t want to hear the truth. Those are AutoComplete entries. You will not find them directly in the registry — they are encrypted. Disable AutoComplete for user names and passwords and see what happens. If that does not work, rename “pstores.exe” to “pstores.exe.old” and try it again! (Eh, if XP will allow you — it might not!)

If pstores and AutoComplete are disabled, this will not work.

This is NOT Cookies, this is NOT History, this is NOT the TIF, this is NOT any index.dat file…

Want me to prove this ONE more way? Open regedit and go to this key:

HKEY_LOCAL_MACHINESoftwareMicrosoftProtected Storage System Provider

Rename that key with a minus sign (-) in front of Protected. Now try it again. Does it still find your User Name?

Usernames and passwords (and all other AutoComplete entries for IE) are stored and retrieved by pstores.exe from THIS section of the registry. Each user has a different key.

Reply | Quote

Hi, R2 ~

Nevermind JC there

I had a similar issue with .NET Passport a while back and they were unable to provide a definitive answer nor were they able to point me to a file or key held locally.

R2, there is no ‘HKEY_LOCAL_MACHINESoftwareMicrosoftProtected Storage System Provider’ or ‘pstores.exe’ on a thorough search of my system. I did, however, find ‘pstorec.dll’ and ‘pstorsvc.dll’ which seem to be an integral component of Protected Storage, yet after overriding WFP and deleting them both, no effect was encountered when trying again.

Your thoughts?

Reply | Quote

Thanks Bruce. I contacted Microsoft and I’m waiting to see what they say. No matter what I do, I can’t duplicate the problem (or feature) on my 98 2nd ed computers. So it must have something to do with XP. I’ll wait and see if anyone else has any suggestions I can try, and what Microsoft says.

Reply | Quote

I was able to get my little hands on a WinXP box — guess what? No pstores.exe!

And the PSSP key IS under HKCU. Instead of user names the sub-keys are those user ‘numbers’.

I did not have full access to the box — nor did I have time to re-set this — but it may be that the pstores.exe function has been taken over by “services.exe“. I will look into this further…
________________________________

Someone with WinXP: please check this registry key:

HKEY_LOCAL_MACHINESystemCurrentControlSetServicesProtectedStorage

On Win9x this points to “pstores.exe” in two places:

…ParametersImagePath=C:WINDOWSSYSTEMPSTORES.EXE
…S2pstores.exe

I would be most interested in seeing those keys in WinXP…
_______________________________________________

More info: WinXp and Win2K don’t use ‘pstores.exe’ — instead they run the “Protected Storage Service” — probably a sub-component of “Services.exe”…

Reply | Quote

Reply to self. Yep, “Services.exe” seems to have taken the place of “pstores.exe” in Win2k-XP. Here is the registry entry:

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesProtectedStorage
ImagePath=%SystemRoot%system32services.exe

You can view the list of the various services that are running by typing “services.msc” in a Run box. On the list you will find Protected Storage component.

Reply | Quote

Here is the screen shot of the key you wanted to see on an XP machine.

Reply | Quote

Here is the first subkey

Reply | Quote

Here is the 2nd subkey

Reply | Quote

I always get up on the wrong side of the bed and I am too ignorant to be bothered by comments.

XP must have moved them or renamed them. Regardless, the system must work the same way. Like it or not, those are AutoComplete User Names –or, as Bruce’s image demonstrates, Email Address Accounts. There are two forms of AutoComplete — “in-line” or “append” (which finishes words as you type them), and the standard drop-down AutoComplete.

Getting any information about this from Microsoft is exceedingly unlikely. There is very little information at all about the Protected Storage System and “pstores” on all of the microsoft.com site. It is considered a sensitive area…

Pstores.exe is the executable program, and Pstorec.dll holds the “encryption/de-encryption” coding. Is is possible that XP renamed pstores.exe? Yes, I guess, but they apparently did not remane the application extensions (pstorec.dll and pstorsvc.dll). Perhaps the file is just “hidden”. Bruce, do you have “hidden” files visible? I was afraid XP would “protect” those files and those registry keys… Too bad. That makes it difficult to prove my point.

Bruce, there NEEDS to be a “Protected Storage System Provider” (PSSP) key in your registry somewhere. Could XP have moved that? I guess, but I don’t see why. Also, perhaps if you NEVER, EVER turned on AutoComplete, then WinXP would never bother to create the key… I see this as unlikely, because on Win9x systems the key contains two “default” storage sub-keys, *Default* and *Local Machine*. Then, each and every user is given a sub-key. Pstores uses these keys to store ALL your potentially ‘sensitive’ AutoComplete data — user names, passwords, form entries, etc.

The PSSP user keys hold a Data and Data2 sub-keys, The Data key is the one holding most of the AutoComplete information. Email Account UserNames and Passwords are stored the “220d5cc1… – Identification – INETCOMM Server Passwords” sub-key. Forms data, Web page User Names and Passwords are stored in “e161255a… – Internet Explorer” sub-key. The numbers may be different for XP, but the ‘keys’ need to be there. Look in the Internet Explorer sub-key and drill down to the “http…” section. UserNames and Passwords are generally kept there. There is also a third sub-key that also holds “Protected SIte” passwords — and MSN may fall into this category. The key is identified as “89c39569… – IdentityMgr – Identities – IdentitiesPass”. You may want to look for MSN in there.

Could the MSN site be doing something unique?? Certainly. Could it be using the horrible “Passport” technology? I guess, but most people have shunned that — especially after the Wallet fiasco. I would not put Microsoft passed using it, but this function has been the realm of AutoComplete and Pstores for a long time…

There is a program that lets you SEE into the Password Storage system. It divides the three storage areas I described above into “Outlook Express Passwords”, “AutoComplete Passwords”, and “Password-Protected Sites”. I would be most interested in finding out what you guys see using that tool.

It is available here: Protected Storage PassView

Reply | Quote

Thanks ! Your PSP link let me get rid of a stored OL Express password that had been left hanging around. Now it comes up clean, the way I prefer it (especially with such utilities around ).

Reply | Quote

I have to wonder if the reason that un-checking the AutoComplete boxes does NOT work is because there is no check for “Email Addresses” — it is only Web Address, Forms, and User names and passwords on forms.

If Jrclen’s drop-down list is EXACTLY the one that Bruce images above, you will note those are Email Addresses and not necessarily “User Names”. MSN seems to use your Email Address to identify you (I never use MSN, so I have to rely on Bruce’s image). The PSPV program would idenify these as “Resource Type = Outlook Express”.

If unchecking the AutoComplete boxes does not stop this behavior, then IE must treat Email Addresses separately. If that is the case, I know of no setting to “Disable AutoComplete Email Addresses”. You can use PSPV to delete the addresses, but I don’t know how to stop IE from dropping them down.

Reply | Quote

Yes you’re right they are email addresses. That is what MSN uses as a login user name. I did a search of the registry for protected storage and turned up entries all over. Here is a screen shot of one under hkey current user. All the data seems to be encripted, I didn’t find anything that mentioned MSN or the email address or anything useful.

Reply | Quote

Hi, R2 ~

Okay, I have downloaded and ran the PSPV. It bears witness to my personal domain user name and password in ‘Outlook Express Passwords’, nothing in ‘AutoComplete Passwords’, and nothing in ‘Password-Protected Sites’. It does not show either address indicated in the logon screenshot post 229919 above. I have never used ‘AutoComplete’ and have always keep it disabled.

As a result of this page I posted a while back during a spat with M$, they report that info is tied into ‘Passport’. They refused to tell me where and/or how it was stored. If you go to ‘User Accounts’ > ‘User Account’ > ‘Manage my network passwords’, both of the above e-mail addresses are listed in ‘Stored User Names and Passwords’.

I have the ‘Protected Storage’ service turned off and disabled, yet attempts to sign in to MSN groups, Passport, Messenger, Chat, etc. are all greeted with the same drop down box and am able to sign in without incident. I also get this box with both addresses even if I am offline, so that rules out remote storage.

I have done a search of all ‘Protected Storage’, ‘Passport’, ‘Messenger’, and both e-mail addresses in the registry and nothing turns up within the context of which we discuss. I have been able to identify all of my contacts and some configuration settings in binary code, but failed to bring up either address when scrutinizing binary in all aforementioned areas under the hesitant assumption they would also be coded binary.

This completes my report for now

Reply | Quote

Bruce – VERY interesting.

Jrclen, given the information from above I must assume that PASSPORT is working outside of the PSSP and the “Protected Storage” Service. Therefore it represent yet another system of encrypted storage on your computer. I have disabled Passport after all the bad press so I never investigated how it worked.

I believe Microsoft is MORE tight-lipped about Passport than they are about Pstores/Protected Storage… I think getting information out of them about this will be exceedingly challenging.

WinXP equally challenging to investigate — I can see it does NOT let you rename files or certain registry keys. This makes it VERY difficult to find out WHAT does WHAT by ‘breaking’ a file or a registry key. The dang thing keeps repairing itself…

IE can use a couple of methods to encrypt things in the registry. For some of its more advanced encryption, it uses the “pstorec.dll” (Protected Storage COM interfaces). The PSPV program uses this exact DLL ‘de-encrypt’ the Protected Storage folder.

Could Passport be using this same encryption technique?? Possibly. I would think it would use a more complicated encryption than just say changing the letters to their ASCII or Unicode hex equivalents (one of the simpler methods of hiding things in the registry). Did Microsoft create a NEW encryption for Passport or did it just borrow from resources it already has?? Don’t know.

Let’s see if we can figure out HOW exactly Pstorec.dll encrypts Bruce’s strange entry…
_______________________

I am out of time. It is difficult to get that long “User Name” entered. I am going to have to get it entered into a Form box… I tried to get it entered as an Outlook Express user name, but I am not sure it works the way I want it…

Bruce, you may want to search your registry for various sections of this:

02 00 00 00 18 00 00 00 B0 4C 2C 0F 8B 51 0B 6F 82 AA 5F 46 B6 BF CB 51 6F 48 7B D7 09 0D 7D EF 28 00 00 00 DC CF 59 D8 97 1E B5 90 75 64 1F C1 8B 40 98 F3 55 02 A3 DE 34 85 DF 18 A1 F9 5C 8A AF AB C9 C4 85 89 D5 97 84 6B 4A A3

In there pstores may have stored your weird Netzero user name. Just copy several pieces of the above sequence and see if we can get lucky…

Reply | Quote

The NetZero entry is no longer present since canceling my reinstalling XP a while back. I tried the whole string and various combinations of small and large sections of the sting and no returns.

Reply | Quote

Shoot. If the NetZero entry is gone, then searching for those strings will be fruitless — as you found. Bruce, if you want you could run RegMon while IE is accessing the MSN sign-on screen and you may find out WHERE in the registry these are stored. I had one guy tell me the information is stored on the NET passport site only and NOT on your computer. I guess that is possible.

Reply | Quote

I tried RegMon, but per our previous related discussion, I can’t seem to tame it to use the info. I would assume that the info is stored in some fashion on .NET servers, but I also get the drop-box with both addresses even if I am offline, so I would venture to say that might well rule out exclusive remote storage.

Reply | Quote

1) I agree, the remote storage idea sounds totally bogus to me.

2) Care to Email me the .log file from RegMon?

3) I tried to get pstores to encrypt your second email address (“fustazio@hotmail.com”), but I am not sure I was successful. It seems to not really encrypt the accout name — but it might. It SEEMS to encrypt the password (which I set to that email address) and stick it into this registry key: HKEY_USERS.DEFAULTSoftwareMicrosoftOffice8.0OutlookOMI Account ManagerAccounts0000000fPOP3 Password2.

On my old Win98 box, this is how the encrypted Password is stored:

01 02 70 00 6F 00 70 00 2E 00 68 00 6F 00 74 00 6D 00 61 00 69 00 6C 00 2E 00 63 00 6F 00 6D 00 34 00 31 00 41 00 42 00 44 00 46 00 34 00 30 00 00 00

Again, this is a fishing expedition and we may or may not get lucky…
____________________________________________

Ah… wait. That does NOT appear to be the password storage area — it just LOOKS like it might be. Perhaps it just identifies where the password is stored??

When I simply modify the password, the registry key that gets modified is this one:

HKEY_LOCAL_MACHINESoftwareMicrosoftProtected Storage System Provideruser nameData220d5cc1-853a-11d0-84bc-00c04fd43f8f417e2d75-84bd-11d0-84bb-00c04fd43f8fpop.hotmail.com41ABDF40

Which, in someways makes more sense — it is inside the PSSP keys. If that key holds the password, then “fustazio@hotmail.com” is stored by pstores on MY computer as:

02 00 00 00 18 00 00 00 C9 CA 89 7B DB 90 DA 49 08 0A 56 68 CF BF CC 74 73 DF 19 B0 BA 4C 4C 25 38 00 00 00 20 56 F2 F9 86 B3 92 3E 70 C7 97 20 51 CA 7F 3E 9A E5 83 C4 91 86 59 67 08 BA 77 2B 97 3E 04 9F 03 8B 82 78 22 0C 03 7C 46 FE 06 72 16 62 B5 7E 35 5F 54 7F 7E 0B A0 1E

It may be different on YOUR computer…

Reply | Quote

1) Yes, the very fact that despite the alpha entry “fustazio@hotmail.com” is not found in the registry but still appears in at least two locations when called up indicates it is stored locally in some fashion.

2) Am sending, but please verify the screenshot below is correct. I have filtered all but the ‘services.exe’ & ‘lsass.exe’ but was unsure if I should leave a space between them or not as they don’t both appear to come up during a run.

3) Neither keys exist on this box and no luck on the binary.

Reply | Quote

Not much time. Looking at the first file, services.exe is active first and then lsass.exe. The most intriguing entries at first glance are the “Volatile Environment” entries. BUT… none of those look like “pay dirt”. Then, these entries look interesting:

HKLMSAMSAMDOMAINSAccountUsers

What is SAM? That is not on my Win98 machine — which always make this difficult. Other than that — I don’t see anything else that makes any sense…
_____________________

Looking at the second file, the ONLY areas that I see that could even POSSIBLY contain encrypted data are these:

HKLMSAMSAMDOMAINSAccountUsers000003EBV
HKLMSAMSAMC
HKLMSAMSAMDomainsAccountV
HKLMSAMSAMDOMAINSBuiltinAliases00000220C
HKLMSAMSAMDOMAINSBuiltinAliases00000223C
HKLMSAMSAMDOMAINSBuiltinAliases00000221C
HKLMSAMSAMDOMAINSBuiltinAliases00000222C

Those are the only entries I easily found with hex entries as their values.

You seem to have several users on your account: your name, V…, B… (an interesting one), and Administrator. Is the fustazio account for someone other that you?

Reply | Quote

Oh, brother, you are gonna like this…..there is nothing in HKLMSAM or HKLMSAMSAM as indicated below checking in regedit and regedt32 – the keys resulting in RegMon seem to be off the radar. How can this be?

The additional user accounts besides myself and the built-in Admin are V > set up but never used and the ‘interesting one’ > an account with limited privs set up and used once to test a principle. No others use this unit and there are no settings or accounts set up within either of those accounts.

The ‘fustazio’ e-mail account is an addtional account I use that is disposable if need be for MSN, Messenger, etc.

None of the keys you posted seem to exist in part or in whole beyond HKLMSAMSAM.

A quick Google churns up that SAM (Security Account Manager) is part of the NT architecture native to Windows NT/2000/XP systems and that there exists information in the registry hidden that you can not see with registry editor. Interestingly enough, I have thus far not run across a means to view these keys. I will attempt this command tip and post back:

at  /interactive "regedt32.exe"

I think this NT4.0 article will help lead us in the right direction and you will definitely want to read this.

Reply | Quote

VERY interesting — a secure account manager key that is HIDDEN from regedit. I did not expect that!

I wonder if we can get VBS to read and display the registry keys there?

Those are interesting articles — I will need to carefully read through each of them. Looks like we found something useful. I was told this:
—————————————–
“That key has no special properties; it’s just protected by a security descriptor, like everything else in NT. The particular SD has no-access to admins (there is no reason for admins to have access).

You simply need to run a copy of regedit under the builtin system account.

One way to do this is (at a cmd prompt)

at hh:mm /interactive regedit

where hh:mm is chosen to be just slightly in the future — pick a time in the past and it’ll run at that time tomorrrow.

Actually, I prefer

at hh:mm /interactive cmd

and then I run regedit from the new cmd prompt.

Needless to say, I have just handed you a loaded weapon.”
———————————-
Attached is the image of the ‘exposed’ hidden keys.

Reply | Quote

Are you interested enough to try LOphtCrack to ‘crack’ the passwords?

I find it interesting that the ‘Where NT stores its Passwords’ article tells you that programs: “store passwords in various locations on the system, so you should be aware of these locations and act to prevent unwanted access.”

But, then it does *not* mention the Protected Storage System Provider keys…..

Reply | Quote

Wow, I am reading the latest messages with great interest but you both are way over my head. I of course have gotten no where. I even managed to add three more user names to the drop down list without gaining any information as to where they are stored. And it seems as though the last one I log on to is the one that automatically logs me in the next time I go to msn. I can change accounts by signing out and then clicking sign in and choosing another user name (email address). I did get a message from Microsoft telling me they are a little busy right now but they will get back to me. I wrote them again, telling them my children are automatically being logged on to my adult content groups and are being exposed to adult material and that I am upset about it. It’s not true but maybe that will light a fire under them. And this never happens with my 98 computers, only the XP machine. On the 98 computers I get a blank sign in screen with no drop downs. For what all this is worth. But it sure is interesting to listen to you both. I’ll sit back and keep on reading. Thank you.

Reply | Quote

One thing I would like to point out, R2, is that we are seeking the mail account names, not passwords necessarily, that drop down from the sign-in box, and since they are not in the registry, they might be in SAM. I went through all the keys, but found nothing….at least obvious. Why would it be necessary to bin/hex code mail accounts?

Here is a RegMon log starting from clicking ‘Sign in’ at the MSN site, selecting ‘fustazio’ from drop down, hitting ‘enter’ before entering password, then entering password once box came back for it. There seemed to be no reg activity after hitting ‘enter’ and work was server side until I hit ‘Sign out’. I was unable to ascertain any value here. Anything raise your brow?

Reply | Quote

Sorry, busy time right now.

>>we are seeking the mail account names… Why would it be necessary to bin/hex code mail accounts?

It would not be necessary — since the SAM keys are themselves “hidden”. There is no obvious reason why the e-mail accounts names should be further obfuscated by changing them into hex or other codes.

HOWEVER:

1) Since the SAM keys do not clearly list the e-mail accounts in plain English, I have to suspect that they are somehow listed in hex (or other) code.
2) Many keys in the Win2K-XP registry are in hex code, so it would not be surprising that the user names were listed thusly.
3) The only values that are long enough to hide user names happen to be in hex code.

In the RegMon capture you attached, only the following key seems to be a likely candidate to hold any information that MIGHT be User Names:

HKLMSAMSAMDOMAINSAccountUsers000003EBV = 00 00 00 00 BC 00 00 00 …

On the surface the value appears to be a long series of hex numbers. That could conceivably contain the user names. I don’t see many other potential candidates.

Furthermore, these types of entries show that SOMETHING is being encrypted or decrypted:

HKLMSoftwareMicrosoftCryptographyOIDEncodingType 1CryptDllDecodeObjectEx = Name: 1.2.840.113549.1.9.16.1.1
HKLMSoftwareMicrosoftCryptographyOIDEncodingType 1CryptDllDecodeObjectEx1.2.840.113549.1.9.16.1.1

Is that weird number indicating something — or is it the code itself? I don’t know… But something is utilizing the ‘Cryptography’ functions of Windows…

Reply | Quote

Hi, R2 ~

For some reason I am not getting my Lounge replies. I just popped in to take a peek. I won’t be back until late tomorrow to get back on this. Hey, R2, did you notice I posted the command line cue in post 231469? I haven’t gotten to it yet, but will when I get back.

I was tempted to try LOphtCrack, but felt that was a tangent for now. I like what we are learning here.
—————————————————————————————————————————–
JR ~ I know we haven’t provided anything definitive, but we might.

Be back soon.

Reply | Quote

No problem. Take your time. I can live with it for now and it will be interesting to see what you both come up with.

Reply | Quote

I’ve been busy the past few days. JR, have you ever used RegShot? I am NOT at all sure it would work with these “hidden” SAM keys in WinXP, but it might…

The concept is simple. It takes an ‘image’ of your registry before and after you do something. Then it compares the two ‘images’ and tells you what was modified.

In theory, if you look at your registry before and after creating a new MSN account, it MIGHT be able to capture where in the registry the data is stored…

Reply | Quote

I’m down loading regshot now. I will give that a try and post the results. Thanks.

Reply | Quote

I ran the regshot program. I then signed up with msn passport with a new email address. I ran regshot compare and the attached file is what resulted. I have no idea where the yamaha sound card entry came from. I hope this helps.

Reply | Quote

Shoot. None of that looks useful — certainly none of that shows us information about an MSN user name and password. I suspect RegShot is just not able to access the SAM key…

Were you able to see the SAM keys following the advice from the MSKB?

Reply | Quote

I read through what you linked to but didn’t understand what I was supposed to do.

Reply | Quote

Hi, R2 ~

Okay…. I ran

at 04:59 /interactive "regedt32.exe"

with ’04:59′ being my chosen time and reg popped right up at the designated job time. Below you can see I have access to all the SAM keys. I have yet to finish going through them. The screen shot you posted previously….was that yours or a sample from the quotation?

Reply | Quote

That was my screenshot I posted

Reply | Quote

OK, That worked just fine. I made a screen shot of what I found under SAM. I looked at each key and found only binairy entries. Nothing that stood out as a clue. Take a look and if you want a zeroed in screen shot of a key let me know.

Reply | Quote

Ok, Where to start. Thank you for all the time you obviously spent researching this. I will go through your tips one by one and see what I find. I did download and run the PSPV utility and the only thing it showed was my password for my email with my ISP. Nothing for net passport or msn. I got a reply from Microsoft and they said they are kind of busy right now and will get back to me in 5 days or so. Ha ha. In the mean time I will do some file and registry searching as you laid out. I will post my findings. Thank you.

Oh, I did find the key you refered to. I put the – sign in front of it. It had no effect and when I went back into the registry I found that entry with no sub keys and a new entry without the -. So it looks like XP simply moved the information to the newly created key and ignored the key I changed. Interesting.

Reply | Quote

Now I am really stumped. Just now, after booting fresh from yesterday, I went to the msn site and clicked sign in. It not only had my user name but just went directly to logged in without my doing anything. And all cookies ect were deleted last night using guard IE, IE6 itself, spider, and manually with windows explorer. I just did a search of the registry for my user name and came up with nothing. I then did a file search for my user name contained in files, including system and hidden files and again turn up nothing. It’s got to be here somewhere. Otherwise how would they know it was me? Well maybe someone in the lounge knows.

Reply | Quote

Well I solved the problem with help from Microsoft. It took lots of emails and finally a threat on my part to get them to part with the information but they did. Here is what they wrote:

This is CJ and I understand that you are a bit
worried about the security of your account. You
also want to erase in registry from inside your
Windows XP, to avoid automatic sign in of your
profile.

You can remove your .NET Passport registry.

Let me walk to the steps in doing so:
1. Go to User Accounts in the Windows XP Control
Panel (Start, Control Panel).
2. On the Advanced tab, click Manage Passwords.
3. In Stored User Names and Passwords, select
Passport.Net*, and click Remove.
This does not delete your Passport, but removes
its connection with your computer.
4. Click Close, and then click OK in the dialog
box.
Note
If you click Sign me in automatically in the .NET
Messenger Service sign-in dialog box, you will
reestablish the Passport you use there as the
default for that computer.

It didn’t work quite like that on my computer. I got into user accounts, clicked my account, clicked manage my network passwords, then deleted all the entries in the box dealing with net passport. All the user names and passwords then disapeared. At first they insisted it was autocomplete but when I cleared that and then sent screen shots of my next automatic login they sent the solution above. Thank you to everyone who tried to help.

Reply | Quote

Hi, JR ~

I’m glad this will suffice for you for now. I did cover this in my post 230741 and the web link therein. MS, .NET Passport & MSN have continued steadfasted refusal to resolve or even come close to acknowledging and directly responding to my issue, queries and assertions per the link. Even if you don’t check ‘Sign me in automatically’, eventually the same scenario will be encountered. I had removed .NET Passport accounts & passwords and deleted all accounts. I then created new accounts, refused all info sharing, auto sign-ins and auto log ons, etc…..ended up the same after some short indefinite period. It is suspiciously frustrating MS refuses to indicate the local reference/storage in the registry, so I am not spending any more time w/ this.

Reply | Quote

HI Bruce,
I too would like to know the registry location but as you said, MS would not answer that question. I will just avoid NET passport with my xp computer. Thanks for all the help.

Reply | Quote

Hi, JR ~

I understand how you feel. I really like using some of the features of Messenger such as the direct P2P sharing as well as others and you can’t connect or have a Hotmail account without a Passport. I use Hotmail only as a throwaway account for web stuff and I merely provided fictitious personal info and then use that identity for Messenger which allows you to alter that identity’s moniker to whatever you desire.

Reply | Quote

IF you have a backup registry copy you might be able to figure this out. OR, if you remember the previous SAM entries… One way may have been to export the SAM keys before and after — then compare them…

Reply | Quote