Isn't this super lax on security? I mean, I used Windows 8.1 for the longest time. My question is, if you use a "live" account, does it change that password?
All my accounts are inter-linked. My XBOX Live PW was the same as my Windows 8.1, same with my OneDrive, and anything Microsoft related.
Excellent find, I agree, sticky it please!
no in order to change those you would need to goto the account area of your account on the device or on the web and change it there, those password cracking apps only have the ability to crack the .SAM database files. what i did find strange, is that when you create an account with a microsoft login and then try to login to that account with no internet, you can still log into the account localy.
i dont know if this is a bug, so perhaps the microsoft account password is being stored in the .SAM database for "local access" if that is the case then its a huge security issue as .SAM files can be cracked which would then give the attacker access to the microsoft account.