Download User Manual

The Microsoft Windows 2000, Microsoft Windows XP, and Microsoft Windows 2003 Security Accounts Management Database (SAM) stores hashed copies of user passwords. This database is encrypted with a locally stored system key. To keep the SAM database secure, Windows requires that the password hashes are encrypted. Windows prevents the use of stored, unencrypted password hashes.

You can use the SysKey utility to additionally secure the SAM database by moving the SAM database encryption key off the Windows-based computer. The SysKey utility can also be used to configure a start-up password that must be entered to decrypt the system key so that Windows can access the SAM database. This article describes how to use the SysKey utility to secure the Windows SAM database.

1. To enable Syskey encryption, Click Start button and Click Run.
2. In Run dialog box type Syskey and Click OK.
3. From opened dialog box select Encryption Enabled option and Click Update.
4. When this option is selected, Windows will always encrypt the SAM database.
5. We have two options here Password Startup and System Generated Password, if you do not want to require a startup password use second option.
6. Store Startup Key on Floppy Disk To store the system startup password on a floppy disk. This requires that someone insert the floppy disk to start the operating system. This provides the highest level of protection for the SAM database.
7. Store Startup Key Locally To store the encryption key on the hard disk of the local computer. This is the default option.
8. Click Password Startup and set password and Click OK.
9. Click OK on success message We have successful setup the Syskey start up password.
10. Then set administrator or users password .

SHARE BY GK