If your laptop uses software from UPEK, it's exposing your Windows password.
The easily cracked passwords are stored in the Windows registry even after the Protector Suite software has been deactivated, according to the Elcomsoft advisory. It is only removed when a user manually deletes it. The precise registry location of the encrypted password is not yet known. This article will be updated with instructions for locating and removing it if that information can be obtained.
Authentec no longer actively markets Protector Suite, but according to archived data from the UPEK website, the app ships—or used to ship—on laptops manufactured by 16 different companies. In addition to Dell and Acer, other PC makers include Amoi, Asus, Clevo, Compal, Dell, Gateway, IBM/Lenovo, Itronix, MPC, MSI, NEC, Sager, Samsung, Sony, and Toshiba.
Read more on ArsTechnica
