Syskey: Difference between revisions
→See also: Added link to Bitlocker as an alternative to Syskey |
No edit summary |
||
Line 1: | Line 1: | ||
'''SYSKEY''' is a utility that [[encryption|encrypts]] the [[hash function|hashed]] [[password]] information in a [[System Account Manager|SAM]] [[database]] using a 128-bit [[encryption key]]. |
'''SYSKEY''' is a utility that [[encryption|encrypts]] the [[hash function|hashed]] [[password]] information in a [[System Account Manager|SAM]] [[database]] in a [[Windows]] system using a 128-bit [[encryption key]]. |
||
SYSKEY was an optional feature added in [[Windows NT]] 4.0 SP3. It was meant to protect against [[offline]] [[password cracking]] attacks so that the SAM database would still be secure even if someone had a copy of it. However, in December 1999, a security team from BindView found a security hole in SYSKEY which indicates that a certain form of [[Cryptanalysis|cryptanalytic]] attack is possible offline. A [[brute force attack]] then appeared to be possible. |
SYSKEY was an optional feature added in [[Windows NT]] 4.0 SP3. It was meant to protect against [[offline]] [[password cracking]] attacks so that the SAM database would still be secure even if someone had a copy of it. However, in December 1999, a security team from BindView found a security hole in SYSKEY which indicates that a certain form of [[Cryptanalysis|cryptanalytic]] attack is possible offline. A [[brute force attack]] then appeared to be possible. |
Revision as of 05:23, 25 November 2009
SYSKEY is a utility that encrypts the hashed password information in a SAM database in a Windows system using a 128-bit encryption key.
SYSKEY was an optional feature added in Windows NT 4.0 SP3. It was meant to protect against offline password cracking attacks so that the SAM database would still be secure even if someone had a copy of it. However, in December 1999, a security team from BindView found a security hole in SYSKEY which indicates that a certain form of cryptanalytic attack is possible offline. A brute force attack then appeared to be possible.
Microsoft later collaborated with BindView to issue a fix for the problem (dubbed the 'Syskey Bug') which appears to have been settled and SYSKEY has been pronounced secure enough to resist brute force attack.
According to Todd Sabin of the BindView team RAZOR, the pre-RC3 versions of Windows 2000 were also affected.
This article is based on material taken from the Free On-line Dictionary of Computing prior to 1 November 2008 and incorporated under the "relicensing" terms of the GFDL, version 1.3 or later.