Storing Secrets in Windows
In addition to storing passwords in Active Directory or SAM databases, Windows Server 2003, Windows 2000, and Windows XP store passwords and other secrets in other locations for a variety of purposes.
The Local Security Authority (LSA) maintains information about all aspects of local operating system security. The LSA performs the following tasks:
Manages local security policy
Manages audit policy and settings
Generates access tokens
In addition, the LSA stores information used by the operating system, known as LSA secrets. LSA secrets include items such as persistently stored Remote Access Service (RAS) information; trust relationship passwords; and user names, passwords, and account ...