What's the Hash in HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.<extension>\UserChoice?

Someone reverse engineered the hash and wrote a CLI tool to set file associations:

http://kolbi.cz/blog/?p=346

extension = “.txt”; the file extensionsid = “S-1-5-21-463486358-3398762107-1964875780-1001” ; the SID of the current userprogid = “txtfile”; the ProgId of the desired associationregdate = “01d3442a29887400”; timestamp of the UserChoice registry keyexperience = “a microsoft secret string”; a static string (this is a dummy example, not the real stringhash = Base64(MicrosoftHash(MD5(toLower(extension, sid, progid, regdate, experience))))

Not all details are revealed but probably enough to reverse engineer the rest.

Microsoft decided in Windows 8 (probably for security reasons) that users should be able to set default programs only via the built in GUI. I.e. by design, you are not supposed to be able to set default handlers in a script or programmatically.

The Hash value is used to prove that the UserChoice ProgId value was set by the user, and not by any other means. This works as long as Microsoft keeps the algorithm which generates the Hash, and the mechanism for verifying the ProgId using the Hash, a secret.

In theory you could figure out the secret to set the Hash (and possibly other hidden OS settings), but you would have no guarantee of it's reliability; the next Windows Update might break your method, for example. You probably just need to adapt to the change, and live with using the new methods Microsoft built in to the OS.

By the way, these userchoice hashes in a profile become invalid after a sysprep, causing all those "an app default was reset" messages during the first login after sysprep, and many log entries in Microsoft-Windows-Shell-Core/AppDefaults.