Monday, 29 August 2016

How to remove Syskey and Administrator password

How to remove Syskey and Administrator password


In this tutorial we will remove Syskey start up password and reset the administrator password. Syskey is the additional layer of security. An average user barely implement it. Scammers take advantage of this tool to scam. Scammers usually contact computer owner identifying himself as a member of Microsoft support team. They will informs you that your PC have number of critical problems, those need to be fix immediately or your system will fail to work properly. They will convince you to allow them to connect system remotely and fix the issues. If you do make the mistake of letting them connect, they will ask you to pay $$$ for fix. If you refuse to pay, they will enacted SysKey encryption on the SAM registry hive.


In Window XP, Security Accounts Management (SAM) database stores hashed copies of user passwords. To keep the SAM database secure, Window requires that the password hashes are encrypted. SAM database is encrypted with a locally stored system key. SysKey utility can additionally secure the SAM database by moving the SAM database encryption key off the Windows-based computer. The SysKey utility can configure a start-up password that must be entered to decrypt the system key so that Windows can access the SAM database.


How to set administrator password in Window XP


Administrator is the built in super user account in Window XP. Whenever you install XP, it automatically created. By default administrator account is not password protected, unless you make it during the installation. This account have privilege to access everything in computer. With this account you can change any password on that system. If you have purchased any branded computer like Sony, HCL, Dell, with pre XP installed, you would be able to login to computer with administrator account using blank password.


This account usually doesn't show up on the logon screen and average user don't know it exists. Usually user won't need to use computer under this account very often. You need this account in safe mode or at recovery console.


To set administrator account password Click Start button and Right click on My Computer, from context menu click Manage

From left pane expend Local users and groups, Click Users.


In right pane, Right click Administrator, from context menu Click Set password


Click Proceed on alert message box



Set password and Click OK



Click OK on confirmation message box


We have protected administrator account with password to enhance the security of system.


How to set Syskey in window XP


To enable Syskey encryption, Click Start button and Click Run




In Run dialog box type Syskey and Click OK




From opened dialog box select Encryption Enabled option and Click Update. When this option is selected, Windows will always encrypt the SAM database.



We have two options here Password Startup and System Generated Password, if you do not want to require a startup password use second option.


1.    Store Startup Key on Floppy Disk To store the system startup password on a floppy disk. This requires that someone insert the floppy disk to start the operating system. This provides the highest level of protection for the SAM database.


2.    Store Startup Key Locally To store the encryption key on the hard disk of the local computer. This is the default option.


Click Password Startup and set password and Click OK


Click OK on success message We have successful setup the Syskey start up password.


Now we have set both password administrator and Syskey.


On next reboot you will get following message.


Startup Password


This computer is configured to require a password in order to start up. Please enter the Startup Password below.


Enter the Syskey password and try to access administrator account with blank password. This time you will get alert message



If you have done above procedure to enhance the security of system, congratulation you have now more secure computer than your colleagues.


But if a scammer has done this, you are in you are in lockout situation.


Very first thing user do in this situation is to call Microsoft or post thread on their support form for help. But it is useless as Microsoft Support Engineers do not help users to get forgotten or stolen password. You will ended up with following policy page



No comments: