How Do I Use the SYSKEY Functionality of Service Pack 3?

Learn how to use SYSKEY to protect your system's SAM database in this Hot Tip!

ITPro Today

September 12, 2000

1 Min Read
ITPro Today logo in a gray background | ITPro Today

Windows NT 4.0 Service Pack 3 (SP3) contains a new feature that introduces the ability to increase security on the SAM database. Called System Key (SYSKEY), the new feature was initially released as a post-SP2 hotfix. According to article Q143475, "The Windows NT Server 4.0 System Key ... provides the capability to use strong encryption techniques to increase protection of account password information stored in the registry by the Security Account Manager (SAM)."

SYSKEYs are used upon system startup to decrypt the SAM database, and are used in one of three ways:

- The system generates a secure key, which is stored on the local hard disk for unattended system startup.
- The system generates a secure key, which is stored on a floppy disk that must be inserted during system startup.
- An administrator-specified password, which must be entered on system startup, is used to encrypt the SAM database.

To learn more about SYSKEY, including some caveats, be sure to visit our Windows 2000 FAQ Site.

http://www.windows2000faq.com/Articles/Index.cfm?ArticleID=14762
http://support.microsoft.com/support/kb/articles/q143/4/75.asp

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like