First, what is “syskey”?
SYSKEY is a utility that encrypts the hashed
password information in a SAM database in a Windows system using a
128-bit encryption key.
SYSKEY was an optional feature added in Windows NT 4.0 SP3. It was
meant to protect against offline password cracking attacks so that the
SAM database would still be secure even if someone had a copy of it.
However, in December 1999, a security team from Bind View found a
security hole in SYSKEY which indicates that a certain form
of cryptanalytic attack is possible offline. A brute force attack then
appeared to be possible.
Microsoft later collaborated with Bind View to issue a fix for the
problem (dubbed the ‘Syskey Bug’) which appears to have been settled and
SYSKEY has been pronounced secure enough to resist brute force attack.
According to Todd Sabin of the Bind View team RAZOR, the pre-RC3 versions of Windows 2000 were also affected.
So this is pretty cool, right? Well, I really like the idea of
keeping this on Floppy so that it requires a floppy disk (a sort of 2
factor (hardware/software) authentication?).
Naturally I wanted to go a bit further and use this on a USB drive
instead of storing to a Floppy. I can’t see myself carrying a floppy
and a USB floppy drive around with me. After all, this provides another
layer of security.
NOTE: I haven’t tested copying data from 1 USB to another USB to see
if it works as a backup. This way you could lock up a USB drive as a
spare if needed.
Here’s how to get this to work using a USB drive.
1. Insert your USB drive into your system and wait for it to be recognized and install any necessary drivers.
2. Fire up disk management and re-assign the drive letter it was given to “A”.
Start up disk management by clicking Start and typing diskmgmt.msc
Right-click the USB drive and choose to assign driver letter or path.
Assign it to letter “A”
Accept the warning message
Now your USB drive is “A”
3. Run Syskey and save encryption to USB Drive “A”
Click Start and type syskey followed by hitting Enter
Syskey launched; Click “Update”
Choose “Store Startup key on floppy disk” and click “OK”
You’ll be prompted to enter your diskette. Make sure your USB drive is inserted and writable.
4. Reboot and have fun. Don’t lose your USB disk! Also, to revert
this, you can run syskey again and choose to store it locally instead of
“on a floppy disk”.
Subscribe to:
Post Comments (Atom)
1 comments:
thank you....
Please try to comment if i have done well or if you have finished learning from the blog
EmoticonEmoticon