Determining Encryption Level and Current Version

Service Pack 6a (SP6a) extends the standard-encryption version of Windows NT from 40 bit to 56 bit. If you accidentally apply the 56-bit-encrypted service pack to a high-encryption OS, you might compromise your system's security. The standard-encryption version of SP6a won't downgrade the encryption level of all components of a high-encryption system, and the mixed encryption level might prevent some services from starting. The SP6a download page has standard-encryption and high-encryption versions available, so be sure you download the correct one. (For links to specific upgrades, see the sidebar "SP6a Download URLs.")

You can use the following technique to determine the encryption level of a running NT system:

  1. Open Windows Explorer.
  2. Find the file \%systemroot%\system32\schannel.dll. (Schannel.dll is a hidden system file and won't appear in Windows Explorer unless you go to Window's Explorer's View options and enable the display of hidden and system files.)
  3. Right-click schannel.dll, click Properties, then click the Version tab. If the description is Export, you have a 40-bit system; if the description is U.S. domestic version, you have a 128-bit system.

To determine the version number of the running OS, use the winver.exe utility. Simply open a command prompt (or use Run on the Start menu), and enter the command.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.