What is Syskey on Windows computers? Is it malware? No, Syskey is an encryption program for Windows operating systems before Windows 10. Scroll down to learn about more information about this encryption program offered by MiniTool Partition Wizard.
What Is Syskey?
About 24 years ago, Microsoft wanted to make its operating system more secure and added an extra layer of protection that is Syskey. So, Syskey was an encryption program. This encryption program used a 128-bit RC4 encryption key to encrypt SAM (Security Account Manager) database that stores user passwords in a hashed format.
Further reading:
In a hashed format, passwords are unreadable by an unauthorized program. Hashed passwords are encrypted so that hackers and cybercriminals cannot gain access to a Windows computer by simply looking up the SAM.
With Syskey, you had an option to specify a password that would protect the authentication credentials of Windows accounts stored in the SAM database. When the password was set, you would need to input the password during the startup before displaying and password prompt.
Syskey Can’t Be Found on Windows 10
Syskey can be found on versions of Windows before Windows 10. It was replaced by BitLocker disk encryption on Windows 10. Why did Microsoft abandon this encryption program?
The first reason is that the Syskey process is quite outdated in modern times. The second reason is that “tech support” scammers would take advantage of Syskey to make money.
Scammers usually call you claiming to be from Microsoft technical support. They say you’re your computer is infected with viruses to convince you to let them remotely connect your computer and fix the issues. Once you believe them, scammers will use Syskey to lock your computer.
What to Do When Falling into a Syskey Scam?
If you stuck in the above trouble, reinstalling Windows is not feasible due to SAM database encryption. How about using a System Restore Point? It might be also useless as cunny scammers would delete the System Restore Points. What to do?
Scammers use an unknow Syskey to lock computers. Therefore, the only solution is to remove the password. How to remove Syskey password? The tutorial is below.
Step 1: Boot computer from Windows installation media. Press SHIFT + F10 keys to open the Command Prompt on the Setup screen.
Step 2: When Command Prompt opens, input the command: dir #: (# refers to the drive letter of the system partition).
Step 3: Run another two commands to back up your registry files to a temporary location. The # symbol in the two commands still refers to the drive letter of your Windows installation.
mkdir #:regbackup
xcopy #:WindowsSystem32Config #:regbackup /y
Step 4: Run the last command to restore the registry with the backup files in the RegBack folder. The # symbol still refers to the drive letter of the system partition.
xcopy #:WindowsSystem32ConfigRegBack #:WindowsSystem32Config /y
Step 5: After finishing the above steps, you have successfully disabled Syskey. Then, you should restart the computer. Windows will do an automatic startup repair and reboot to the login screen.
How to Stay away from Syskey Scam?
To stay away from Syskey scam, you should stop using the Windows system that still adopts Syskey and should upgrade to Windows 10.
If you are used to using older Windows operating systems, it is highly recommended that you create backups regularly. Furthermore, you should increase your vigilance when you receive a call that claims your computer is infected by viruses and the person on the phone says he needs the remote access to your computer to help you fix the issue.
