Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Where is my Skype password stored.

6,619 views
Skip to first unread message

micky

unread,
Mar 8, 2013, 12:21:01 PM3/8/13
to
I have Skype on my home computer, and just got a laptop I want to
install Skype there too but when I went to use my current email
address and password, it didn't like the password.

It said it didn't have a number in it and was too easy to guess.

OTOH, the same password still works fine on my desktop.

I know it and I remember it and I want to conintue using the current
password. Plus this sort of thing has come up before, so I want to
find where it is stored on the computer, and inert the passwordt in
that place on the new laptop**

So where is it stored?

One my desktop computer, I Searched the files for any file or folder
with "Skype" in it, and looked in every file within those folders.

I looked in the Registry and found several references to Skype, but
very little data.

In both cases, I couldnt' find my Skype password.


I think I could register for a second skype account then compare the
old r egistry with the new one to find what has been added, but I
don't know how to compare the two r egistries without my going line by
line.

Thanks.

micky

unread,
Mar 8, 2013, 12:38:56 PM3/8/13
to
And if I change the password to use the laptop, then I'll have to go
back and change the password for the desktop too.


VanguardLH

unread,
Mar 8, 2013, 9:36:19 PM3/8/13
to
micky wrote:

> I have Skype on my home computer, and just got a laptop I want to
> install Skype there too but when I went to use my current email
> address and password, it didn't like the password.
>
> It said it didn't have a number in it and was too easy to guess.
>
> OTOH, the same password still works fine on my desktop.
>
> I know it and I remember it and I want to conintue using the current
> password. Plus this sort of thing has come up before, so I want to
> find where it is stored on the computer, and inert the passwordt in
> that place on the new laptop**
>
> So where is it stored?

Nowhere in plain text that you, a hacker, a thief, or malware can easily
copy it. It's encrypted to protect it from just what you are trying to
do because it doesn't it's you and not someone else or some bad program.

http://community.skype.com/t5/Security-Privacy-Trust-and/What-does-the-skype-password-want/m-p/48806/message-uid/48806/highlight/true#U48806

I don't use Skype but suspect the problem stems from the service
increasing the complexity required for passwords. Too many users employ
very weak passwords, get their accounts hacked, and then abuse the
service. They decided to weed out the users with weak passwords by
forcing them to use more and different type of characters in their
passwords.

Tis possible they upped their password complexity requirements from when
you last entered it. Your old device (home desktop) works because it is
seen as an old device known to your account so it got grandfathered in.
When you attempt to connect a new device (laptop) to your account, it
triggers the newer complexity requirement.

> One my desktop computer, I Searched the files for any file or folder
> with "Skype" in it, and looked in every file within those folders.

If it was that easy to find, any malware could also find it. If the
passwords are stored in a file, they will be encrypted.

> I looked in the Registry and found several references to Skype, but
> very little data.

If it was that easy to find, any malware could also find it. If the
passwords are stored in the registry, they may be in the crypto section
that gets automatically hashed or the Skype program uses the crypto API
in Windows to encrypt the passwords that then get stored in the
registry.

> In both cases, I couldnt' find my Skype password.

Any program that stores non-encrypted passwords anywhere should be
discarded as susceptible to hacking or malware.

> I think I could register for a second skype account then compare the
> old r egistry with the new one to find what has been added, but I
> don't know how to compare the two r egistries without my going line
> by line.

So what happens when you use their web site to log into your Skype
account? Can you still use the same old username and password that you
are using in their client running on your desktop PC? See if they tell
you upon login with your old credentials if there are new complexity
requirements.

VanguardLH

unread,
Mar 8, 2013, 9:48:37 PM3/8/13
to
micky wrote:

> And if I change the password to use the laptop, then I'll have to go
> back and change the password for the desktop too.

Yep. Everywhere you have a local client program that logs in will have
to match on the account's same login credentials.

J. P. Gilliver (John)

unread,
Mar 8, 2013, 3:40:34 PM3/8/13
to
In message <q07kj89see0ifm33h...@4ax.com>, micky
<NONONO...@bigfoot.com> writes:
>I have Skype on my home computer, and just got a laptop I want to
>install Skype there too but when I went to use my current email
>address and password, it didn't like the password.
>
>It said it didn't have a number in it and was too easy to guess.
>
>OTOH, the same password still works fine on my desktop.

I suspect the install process where you're using an account that already
exists is microscopically different from a first install - there's
probably a tickbox at some stage, or something. If it's checking the
password for strength, I am guessing it's setting up a new account,
rather than adding a computer to an existing account. (I presume over
the years they've got a bit more fussy about the sort of password
they'll let new users use.)
>
>I know it and I remember it and I want to conintue using the current
>password. Plus this sort of thing has come up before, so I want to
>find where it is stored on the computer, and inert the passwordt in
>that place on the new laptop**
>
>So where is it stored?
>
>One my desktop computer, I Searched the files for any file or folder
>with "Skype" in it, and looked in every file within those folders.
>
>I looked in the Registry and found several references to Skype, but
>very little data.
>
>In both cases, I couldnt' find my Skype password.
>
I can think of two possibilities. Either it's not stored on the computer
at all, but on the Skype server farm (certainly your contact list is,
though I _think_ you can make a local copy); or, if it _is_ stored
locally (in a file or the registry), it's encrypted; passwords usually
are, if stored, so that anyone who steals (or hacks into) the computer
doesn't immediately have access to them.
>
>I think I could register for a second skype account then compare the
>old r egistry with the new one to find what has been added, but I
>don't know how to compare the two r egistries without my going line by
>line.

Which would take you for ever, I suspect (-:!
>
>Thanks.

YW. HIH.
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

A waist is a terrible thing to mind.

JAS

unread,
Mar 8, 2013, 8:59:18 PM3/8/13
to
Are you sure it is his Skype account?

J. P. Gilliver (John)

unread,
Mar 9, 2013, 6:05:43 AM3/9/13
to
In message <rh0mj8tg9n0s8hfl0...@4ax.com>, micky
<NONONO...@bigfoot.com> writes:
>On Fri, 8 Mar 2013 20:40:34 +0000, "J. P. Gilliver (John)"
><G6...@soft255.demon.co.uk> wrote:
>
>>
>>>I think I could register for a second skype account then compare the
>>>old r egistry with the new one to find what has been added, but I
>>>don't know how to compare the two r egistries without my going line by
>>>line.
>>
>>Which would take you for ever, I suspect (-:!
>
> Well, Norton Utilities came with a DOS utility called FC (file

I remember that old suite - lots of two-letter utilities, though there
was a menuing system that meant you didn't have to remember all the
pairs of letters. Quite good in its time; Norton was, then.

>compare) . It would compare binary files and when it found a byte
>that didnt' match, it would look ahead in each file to see if it
>started matching again. Then it would print out the part that was
>added or deleted (and the default was to not print everything that was
>the same) It worked excellently. I still have my Norton CD's and
>could** install that.

You might not need to. FC is a DOS command itself - I think even back in
'9x days; it's certainly there under XP. Open a command prompt (start,
run, enter "cmd", or find it under accessories), and enter

fc /?

(note the /b option). I imagine you can pipe it to more (

fc file.a file.b | more

) to get a page at a time - you can with most DOS commands.
>
>It or another version of Norton also had a windows program that was
>meant for t ext. It might have been called FileCompare. It did the
>same thing as FC but when it found differences, it formatted what it
>displayed as 80 column text. Good for comparing computer code and
>most text. Maybe it didnt' have to use 80. It too was excellent***.
>
>I guess I lost these when I upgraded my OS.

Unfortunately, I don't think this would be much use for tracking
registry changes anyway. I certainly wouldn't try to do it on the raw
.dat files, as you wouldn't have a clue what the varying strings of hex
mean; and the registry is being changed all the time, so trying to find
just the bits an install changed would be a thankless task. (Not to
mention that exporting the whole thing into text form [.reg files] would
take a Very Long Time [and just trying to select bits of it to text
would probably miss something]).

>
> **This brings up another question. What are the odds that software
>written for win3.1 or win98 will install in XP. I"m not talking
>about hardware for which drivers might be necessary.

It depends very much on the software. Sometimes it installs fine. (I'd
not bother with screensavers - they _are_ hard work.) On the whole, the
easiest thing is to just try! It doesn't _usually_ break anything,
though very occasionally something can, but XP is _reasonably_
self-protective. Note that anything from 3.1 days will use short
filenames (for files _and_ directories), as will a very few '9x things.
(You can usually tell this is going to be the case because the file
window - when you save or load anything in them - is the old one you
will recognise.)

Sometimes, it would run, but the installer won't. If an installer won't
run, you can always _try_ copying over the directory tree from a working
copy on the older system (or the hard disc from the older system if
you've kept it, or an image of it), and try running the main executable;
again, it's pot luck whether it will or won't. On the whole, if it
doesn't rely on registry entries having been made or files having been
put into the windows directory or one of its subdirectories, the chances
are it will run, though sometimes in an unexpected or limited manner
(and you may have to do something unusual, once or every time, to make
it run).
>
>(Although I'm curious, and might want to install old software someday,
>I guess it's too much work this time, especially since Skype will
>probably put the hammer down and make me change my password even where
>the old one works now.)
>
>***Another one of Norton Utilities would read the registry and find
>every instance of what I was loking for. So I didn't have to go along
>finding one at a time, so I had a good idea from the start how many
>hits there were. (If there were 200, I would probably change what I
>searched for.), so I'd know how close I was to being done. I
>suppose they've changed the name of the Registry by now, so a win98
>version won't be able to find it.

There are such things around - (pause) I thought I had one, but I seem
not to (maybe _I_ only have it on my '98 machine!). I did find I had
something called regshot, though, which sounds like it might interest
you:

"Regshot is a small,free and open-source registry compare utility that
allows you to quickly take a snapshot of your registry and then compare
it with a second one - done after doing system changes or installing a
new software product. The changes report can be produced in text or HTML
format and contains a list of all modifications that have taken place
between snapshot1 and snapshot2. In addition, you can also specify
folders (with sub filders) to be scanned for changes as well."

http://regshot.sourceforge.net/ - actual download (I think) on
http://sourceforge.net/projects/regshot/files/regshot/1.9.0/Regshot-1.9.0.7z/download
I'm sure other such utilities are available; this one's only 155k, so
can't be any good (-:
[]
>>YW. HIH.
[]
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

"Mummy, Mummy, I'm 13 now can I wear a bra?"

"SHUT UP RALPH...."

J. P. Gilliver (John)

unread,
Mar 9, 2013, 6:30:20 AM3/9/13
to
In message <k6vlj8pijqk44bn59...@4ax.com>, micky
<NONONO...@bigfoot.com> writes:
>On Fri, 8 Mar 2013 20:36:19 -0600, VanguardLH <V...@nguard.LH> wrote:
[]
>>Nowhere in plain text that you, a hacker, a thief, or malware can easily
>>copy it. It's encrypted to protect it from just what you are trying to
>>do because it doesn't it's you and not someone else or some bad program.
^ know if
[]
>Thanks.
>
>I recognize that this is good, but the most a hacker could get from me
>wrt Skype is the $10 I just put in the account. When it gets near

Not entirely: they can access your list of contacts, and also pretend to
be you. (And change the password so _you_ can't get in - and then
blackmail you to get it back, which might be inconvenient if you've got
a big contact list that'd be a pain to set up again [or any
not-very-savvy contacts who'd find it hard to change the Skype ID they
know you under].) And probably a few other things I haven't thought of.

>zero, I put in 10 dollars more. It would be worth (10 dollars X the
>risk of being hacked) not to have to change my password.

I know what you mean. However, last time I used Skype, I found as long
as you don't _log out_ when you've finished using it, it remembers ...
not sure though, that might have been just the Skype ID, not the
password. Yo can tell I rarely use it! (Mainly because it clags up on
this machine: it starts up OK, then grinds to a stop after two or three
minutes. I'm sure it didn't when I first used it on here, so it's
something I've done or installed since: if anyone knows what, I'd like
to know.)
>
>On other webpages they can't even take money from me. For example,
>they can pay my electic bill and that's about all.

Yes, I've always thought bill-paying sites are overly protective; I'd
love someone to hack in and pay my bills (-:! (Mind, I bet they can also
enter a meter reading - and though of no benefit to them, that could
cause you inconvenience ...)
[]
>I'm just so tired of all these passwords. I write them down, but the
>ones I choose first I can usually remember. After I have to change
>one, I can never remember it.

Agreed (except I don't write them down). I have three strings I use,
followed by the nth y letters of the entity, so for example if one of my
strings was ABCDE and n and y were 2 and 3 (which I'm not saying is the
case), my password for Skype would be ABCDEkyp. When I have to change a
password, I use the next of my three strings (all of which have letters
and numbers in). This way I find I can remember most of my passwords, at
least at the second or third try. The strings are things easy to
remember, and associated with friends not me: you could use ham
callsigns, car registrations, start of 'phone number with letter prefix
(state?), (UK) postcodes - anything you can easily remember but which
isn't your own (and have two or three so you can change passwords if
necessary).

If you're willing to further compromise your security, the Firefox
browser at least - I think most others too these days - will offer to
remember passwords (it associates them with websites) for you, and
automatically fill them in. (Wouldn't help with Skype though as that
doesn't use the browser.)
>
>Plus I wanted the challenge. Oh, well. Thanks.

(-:
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Why doesn't DOS ever say "EXCELLENT command or filename!"

J. P. Gilliver (John)

unread,
Mar 9, 2013, 4:42:04 AM3/9/13
to
In message <khe76q$c5n$1...@news.albasani.net>, VanguardLH <V...@nguard.LH>
writes:
[]
>Tis possible they upped their password complexity requirements from when
>you last entered it. Your old device (home desktop) works because it is
>seen as an old device known to your account so it got grandfathered in.
>When you attempt to connect a new device (laptop) to your account, it
>triggers the newer complexity requirement.
[]
Does their system actually recognise individual computers, then? I would
have thought this difficult to implement, with modern NAT routers. I
suspect (though could certainly be wrong) that he's somehow ticked, or
not ticked, a box while trying to set up Skype on the new computer, so
that it (the combination of the software and the Skype server) thinks
he's trying to set up a new account rather than access an existing one.

Though he says he used "my current email address and password"; if by
email he means his Skype name, that is odd. If (it's a while since I ran
a Skype setup) it asks for email before Skype ID, then you may be right.
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Carl Sagan once wrote that all children are natural scientists but they have
it beaten out of them. - Robin Ince, Radio Times 19-25 November 2011

micky

unread,
Mar 9, 2013, 4:45:53 AM3/9/13
to
On Fri, 8 Mar 2013 20:40:34 +0000, "J. P. Gilliver (John)"
<G6...@soft255.demon.co.uk> wrote:

>
>>I think I could register for a second skype account then compare the
>>old r egistry with the new one to find what has been added, but I
>>don't know how to compare the two r egistries without my going line by
>>line.
>
>Which would take you for ever, I suspect (-:!

Well, Norton Utilities came with a DOS utility called FC (file
compare) . It would compare binary files and when it found a byte
that didnt' match, it would look ahead in each file to see if it
started matching again. Then it would print out the part that was
added or deleted (and the default was to not print everything that was
the same) It worked excellently. I still have my Norton CD's and
could** install that.

It or another version of Norton also had a windows program that was
meant for t ext. It might have been called FileCompare. It did the
same thing as FC but when it found differences, it formatted what it
displayed as 80 column text. Good for comparing computer code and
most text. Maybe it didnt' have to use 80. It too was excellent***.

I guess I lost these when I upgraded my OS.

**This brings up another question. What are the odds that software
written for win3.1 or win98 will install in XP. I"m not talking
about hardware for which drivers might be necessary.

(Although I'm curious, and might want to install old software someday,
I guess it's too much work this time, especially since Skype will
probably put the hammer down and make me change my password even where
the old one works now.)

***Another one of Norton Utilities would read the registry and find
every instance of what I was loking for. So I didn't have to go along
finding one at a time, so I had a good idea from the start how many
hits there were. (If there were 200, I would probably change what I
searched for.), so I'd know how close I was to being done. I
suppose they've changed the name of the Registry by now, so a win98
version won't be able to find it.

micky

unread,
Mar 9, 2013, 4:51:29 AM3/9/13
to
On Fri, 8 Mar 2013 20:36:19 -0600, VanguardLH <V...@nguard.LH> wrote:

>micky wrote:
>
>> I have Skype on my home computer, and just got a laptop I want to
>> install Skype there too but when I went to use my current email
>> address and password, it didn't like the password.
>>
>> It said it didn't have a number in it and was too easy to guess.
>>
>> OTOH, the same password still works fine on my desktop.
>>
>> I know it and I remember it and I want to conintue using the current
>> password. Plus this sort of thing has come up before, so I want to
>> find where it is stored on the computer, and inert the passwordt in
>> that place on the new laptop**
>>
>> So where is it stored?
>
>Nowhere in plain text that you, a hacker, a thief, or malware can easily
>copy it. It's encrypted to protect it from just what you are trying to
>do because it doesn't it's you and not someone else or some bad program.
>
>http://community.skype.com/t5/Security-Privacy-Trust-and/What-does-the-skype-password-want/m-p/48806/message-uid/48806/highlight/true#U48806

Thanks.

I recognize that this is good, but the most a hacker could get from me
wrt Skype is the $10 I just put in the account. When it gets near
zero, I put in 10 dollars more. It would be worth (10 dollars X the
risk of being hacked) not to have to change my password.

On other webpages they can't even take money from me. For example,
they can pay my electic bill and that's about all.

More below.
That's a good idea. Yeah, I could log in to the webpage, wthout it
even suggesting I change the password.

I'm just so tired of all these passwords. I write them down, but the
ones I choose first I can usually remember. After I have to change
one, I can never remember it.

micky

unread,
Mar 9, 2013, 4:56:13 AM3/9/13
to
On Sat, 9 Mar 2013 09:42:04 +0000, "J. P. Gilliver (John)"
<G6...@soft255.demon.co.uk> wrote:

>In message <khe76q$c5n$1...@news.albasani.net>, VanguardLH <V...@nguard.LH>
>writes:
>[]
>>Tis possible they upped their password complexity requirements from when
>>you last entered it. Your old device (home desktop) works because it is
>>seen as an old device known to your account so it got grandfathered in.
>>When you attempt to connect a new device (laptop) to your account, it
>>triggers the newer complexity requirement.
>[]
>Does their system actually recognise individual computers, then? I would
>have thought this difficult to implement, with modern NAT routers. I
>suspect (though could certainly be wrong) that he's somehow ticked, or
>not ticked, a box while trying to set up Skype on the new computer, so
>that it (the combination of the software and the Skype server) thinks
>he's trying to set up a new account rather than access an existing one.

Hmmm. I think you said this befoe but I didnt' get it. I'll take a
look.

It also occurs to me that maybe I shouldn't be using the current
version of Skype to set this up. I can probably go to www.oldapps.com
and find an old version, and maybe it won't have such standards when
signing up. (Yes, it would be easier to put the code for that on
their server than in the user code, but the code would be short and
it's worth a try.) And then upgrade to the current version once I'm
loogged in.

And then they'll make old users change their passworrds too!!

VanguardLH

unread,
Mar 11, 2013, 12:27:56 AM3/11/13
to
J. P. Gilliver (John) wrote:

> VanguardLH writes:
>
>> Tis possible they upped their password complexity requirements from
>> when you last entered it. Your old device (home desktop) works
>> because it is seen as an old device known to your account so it got
>> grandfathered in. When you attempt to connect a new device (laptop)
>> to your account, it triggers the newer complexity requirement.
>
> Does their system actually recognise individual computers, then? I
> would have thought this difficult to implement, with modern NAT
> routers.

Any program running on your host can generate a fingerprint based on
whatever criteria the coder decided. For example, when you visit a site
where you allow it to run Javascript in the web browser running on your
host, it can find out THAT host's IP address rather than report the
WAN-side IP address of the NAT router. A program running on your host
could look at the BIOS' firmware signature, what CPU you had, amount of
memory, number of drives, their manufacturer, and their firmware sigs,
what OS you are running (version, edition), get your hostname,
workgroup, list of programs, and so on. I can create a "device"
signature used to identify THAT one. It may not be unique across all
users but it is probably more than unique enough for each account.

When they say that they "may" collect information from your computer but
which is not personally identifying, yeah, they aren't identifying YOU
as the legal identification of the person but that doesn't preclude them
from fingerprinting the computer.

If you visit with a web browser (instead of a client program), they can
still generate a [partial] fingerprint of you based on what web browser
connected to them (the User-Agent and other HTTP headers), what add-ons
it had installed (which ones were active), system fonts, your version
and edition of OS, your timezone, if they can save a cookies, if cookies
are enabled or not, and anything else that Javascript can collect.
Javascript has its security model. That is not a privacy model. Visit
http://panopticlick.eff.org/ to see what they could use for a
fingerprint of your visit. When I went there and did their test, they
said "Your browser fingerprint appears to be unique among the 2,760,048
tested so far." Well, 2 million isn't super high but just how many
users have visited there? Probably 2 million. They also state
"Currently, we estimate that your browser has a fingerprint that conveys
at least 21.4 bits of identifying information." Well, 21 bits seems a
long enough fingerprint to me.

Then consider they are running Javascript versus a client program you
installed on your host and either gets all the same privileges of the
Windows account under which you login or has been granted (by you)
elevated privileges because, gee, they said they needed it for their
program to work correctly. The same info and much more can be collected
by a client running on your host to generate an even longer fingerprint.
So, yes, a client running on your host can identifying it well enough,
especially when considering they are differentiating hosts only within
the scope of a single account, to know which "device" is connecting to
that account.

Sure, nothing about YOU personally is included in the fingerprint (since
they don't have to bother reading any of your document files) but that
doesn't bar them from using a fingerprint of your host to identify it as
a unique "device" connecting to their service and for just one account.

> I suspect (though could certainly be wrong) that he's somehow ticked,
> or not ticked, a box while trying to set up Skype on the new
> computer, so that it (the combination of the software and the Skype
> server) thinks he's trying to set up a new account rather than access
> an existing one.

If that's the cause, I'd start hunting around inside the Skype client to
see if it has a means of exporting its configuration either for use to
restore it should a re-install of the program is needed, like after a
computer rebuild, or to migrate that configuration to other devices
(computers, mobile devices, etc).

"How do I back up my configuration and instant message history?"
https://support.skype.com/en/faq/FA413/how-do-i-back-up-my-configuration-and-instant-message-history
(simply found with a Google search on "skype export configuration")

For the OP, copy the existing folder elsewhere as a backup copy during a
test to see if sliding in a copy of the folder from the working host
fixes his problem. Of course, if they're using fingerprints, a problem
could arise if they build it only on installation and save in a file in
this folder. The two hosts couldn't be concurrently connected because
it would look like the same device (by the static fingerprint) was
connected twice to the same account which they probably don't allow for
security purposes or simply as a quota limitation for the service tier
currently contracted.

J. P. Gilliver (John)

unread,
Mar 11, 2013, 3:12:43 AM3/11/13
to
In message <khjmg2$mq4$1...@news.albasani.net>, VanguardLH <V...@nguard.LH>
writes:
>J. P. Gilliver (John) wrote:
>
>> VanguardLH writes:
>>
>>> Tis possible they upped their password complexity requirements from
>>> when you last entered it. Your old device (home desktop) works
>>> because it is seen as an old device known to your account so it got
>>> grandfathered in. When you attempt to connect a new device (laptop)
>>> to your account, it triggers the newer complexity requirement.
>>
>> Does their system actually recognise individual computers, then? I
>> would have thought this difficult to implement, with modern NAT
>> routers.
>
>Any program running on your host can generate a fingerprint based on
[Usual thorough and lengthy VanguardLH answer snipped: good stuff, just
not related to the OP's problem/question ...]

OK, they can and it's easy for them to do so. The first part of my
question still stands: does Skype log individual computers? If so, does
it force a user setting up a new computer on an existing account to
create a new password if they've upped the requirement since the account
was opened, but still allow existing computers to use grandfathered
passwords? Seems a bit inconsistent if so. I still think it thought a
new account was being created.
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

To me as an anaesthetist, a doctor whose job it is to keep the engine running
while someone else tries to fix it - Dr Kevin Fong, Radio Times 25 Sept-1 Oct
2010

VanguardLH

unread,
Mar 11, 2013, 4:28:11 AM3/11/13
to
J. P. Gilliver (John) wrote:

> VanguardLH writes:
>
>>J. P. Gilliver (John) wrote:
>>
>>> VanguardLH writes:
>>>
>>>> Tis possible they upped their password complexity requirements from
>>>> when you last entered it. Your old device (home desktop) works
>>>> because it is seen as an old device known to your account so it got
>>>> grandfathered in. When you attempt to connect a new device (laptop)
>>>> to your account, it triggers the newer complexity requirement.
>>>
>>> Does their system actually recognise individual computers, then? I
>>> would have thought this difficult to implement, with modern NAT
>>> routers.
>>
>> Any program running on your host can generate a fingerprint based on
>
> [Usual thorough and lengthy VanguardLH answer snipped: good stuff, just
> not related to the OP's problem/question ...]

It addressed YOUR subtopic in this SUBthread. So, in effect, you just
commented that your subtopic was not related to the OP's problem.

"Does their system actually recognise individual computers, then? I
would have thought this difficult to implement, with modern NAT
routers."

Hmm, now who was it the made that statement? I addressed your second
statement in the misbelief that a NAT router is going to hide you or
that a device behind it cannot be uniquely identified. You really
thought all you would get is a "Not difficult at all" response?

> OK, they can and it's easy for them to do so. The first part of my
> question still stands: does Skype log individual computers? If so, does
> it force a user setting up a new computer on an existing account to
> create a new password if they've upped the requirement since the account
> was opened, but still allow existing computers to use grandfathered
> passwords? Seems a bit inconsistent if so. I still think it thought a
> new account was being created.

Since the multiple hosts are connecting to the same account, it should
be the same login credentials used on each host. Different login
credentials from different devices (hosts) connecting to the same
account would cause undue hardship and confusion to the users. They
won't remember a whole bunch of different logins to the same account.

*IF* it is indeed the true scenario of the actual owner logging into
that one account, it should be the same login credentials at each host.
So something else is happening that we're not being told about here.

The OP claims he is logging into the SAME account and we are inferring
that it his account. Not many client hide the username field for the
login credentials, so the OP can easy obtain what is his correct
username for logging in (name, e-mail address, or whatever). He wants
our help on bypassing login requirements on his new host. If he knew
what was his old password, and since that old password still works on
his professed prior host, then it's the same password now for his new
laptop.

Skype has its own "Forgot Password" procedure which would reset his
current password, e-mail to him the new temporary password, and he uses
that to login and change the password to what he wants (within their
minimum complexity requirements) -- and then he has to use those SAME
login credentials from all his hosts. The OP has spent far more time
trying to get us to help him circumvent Skype's login requirements than
just changing to a new a more complex password that he would use
hereafter for his old and new hosts and to login at the web site.

As JAS hinted, something perhaps is not kosher here so I'm not going to
further participate in this discussion. *IF* the account is actually
owned by the OP, he already knows what to do. That he doesn't want to
do it might have covert intentions.

J. P. Gilliver (John)

unread,
Mar 12, 2013, 2:56:36 AM3/12/13
to
In message <khk4ii$6ti$1...@news.albasani.net>, VanguardLH <V...@nguard.LH>
writes:
>J. P. Gilliver (John) wrote:
[]
>> [Usual thorough and lengthy VanguardLH answer snipped: good stuff, just
>> not related to the OP's problem/question ...]
[]
>Hmm, now who was it the made that statement? I addressed your second
>statement in the misbelief that a NAT router is going to hide you or
>that a device behind it cannot be uniquely identified. You really
>thought all you would get is a "Not difficult at all" response?

Not from you I suppose! You and I are a bit alike in that respect.
>
>> OK, they can and it's easy for them to do so. The first part of my
>> question still stands: does Skype log individual computers? If so, does
>> it force a user setting up a new computer on an existing account to
>> create a new password if they've upped the requirement since the account
>> was opened, but still allow existing computers to use grandfathered
>> passwords? Seems a bit inconsistent if so. I still think it thought a
>> new account was being created.
>
>Since the multiple hosts are connecting to the same account, it should
>be the same login credentials used on each host. Different login
>credentials from different devices (hosts) connecting to the same
>account would cause undue hardship and confusion to the users. They
>won't remember a whole bunch of different logins to the same account.

That's what I thought.
>
>*IF* it is indeed the true scenario of the actual owner logging into
>that one account, it should be the same login credentials at each host.
>So something else is happening that we're not being told about here.
>
>The OP claims he is logging into the SAME account and we are inferring
>that it his account. Not many client hide the username field for the
>login credentials, so the OP can easy obtain what is his correct
>username for logging in (name, e-mail address, or whatever). He wants
>our help on bypassing login requirements on his new host. If he knew
>what was his old password, and since that old password still works on
>his professed prior host, then it's the same password now for his new
>laptop.

Agreed.
[rest snipped.]
I assumed that he had somehow ticked (or not ticked) the wrong box in
setting up Skype on his new machine, such that it thought he was setting
up a new account instead; if I understand you correctly, you think he is
asking for our help in hacking into somebody else's account. Since we've
scared him off with our (good-natured I hope) bickering, or at least
he's wandered off in disinterest, we'll not know which is the case.
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

The only difference between saints and sinners is that every saint has a past
while every sinner has a future. -Oscar Wilde, writer (1854-1900)

micky

unread,
Mar 16, 2013, 6:19:35 PM3/16/13
to


Posted and emailed to everyone (both of you) who posted in the t
hread with a seemingly valid address. I don't want this false
story going any farther than it has.

On Fri, 08 Mar 2013 12:21:01 -0500, micky <NONONO...@bigfoot.com>
wrote:

>I have Skype on my home computer, and just got a laptop I want to
>install Skype there too but when I went to use my current email
>address and password, it didn't like the password.

I can be so stupid. It's not the password it didn't like. It was
the Skype name. I used the email address I used for Skype instead.

Skype doesn't make you log in after the first time for a given
computer, so I'd forgotten what went into those fields. The second
was marked password, and I don't even recall what the first one is
called.

Doing favors for friends can certainly help oneself. I was setting up
Skype on a friend's laptop, and I didn't know his birthday etc. but I
wanted to test Skype, the microphone, the speakers. It finally
occurred to me to use my login. And this time, I just automatically
used my Skype name, not my email address, and everything worked. So
I tried that on my laptop and it worked there too.

It must be true that new accounts have stricter standards for
passwords, but they havent' outlawed my password, which violates two
of their current rules.


I never did find out where it was stored. I was planning on copying my
friend's registry just before and just after I first entered his
password and comparinig them with FC. But I really don't have time
for things like this right now.

I hope you'll forget about this stupid episode before I ask my next
question.

Thanks again

P.S. FWIW I still have four posts in this thread to read.

Paul

unread,
Mar 16, 2013, 11:06:37 PM3/16/13
to
Just for the record, the Skype designers are wizards at security.
You can be assured your password is not stored in plaintext.

http://en.wikipedia.org/wiki/Skype_security

Skype has been a major challenge, for the academics who have
studied it from the outside. Skype can punch through filters
that IP departments set up (it can use things like port 80,
to get through corporate walls). Skype uses public key encryption
for stuff. There are some papers on the topic, here.

http://www.cs.columbia.edu/~salman/skype/

Paul

gulzama...@gmail.com

unread,
Jul 10, 2020, 4:53:38 AM7/10/20
to
03425331533
0 new messages