SYSKEY

<cryptography, operating system, security> A utility that {encrypts} the {hashed} {password} information in a {SAM} database using a 128-bit {encryption key}.

SYSKEY was an optional feature added in {Windows NT} 4.0 SP3. It was meant to protect against {offline} password {cracking} attacks so that the SAM database would still be secure even if someone had a copy of it.

However, in December 1999, a security team from BindView (http://bindview.com/) found a security hole in SYSKEY which indicates that a certain form of {cryptanalytic} attack is possible offline. A {brute-force attack} then appeared to be possible.

Microsoft later collaborated with BindView to issue a fix (dubbed the 'Syskey Bug'). The matter appears to have been settled, and SYSKEY has been pronounced secure enough to resist brute-force attack.

According to Todd Sabin of the BindView team RAZOR, the pre-RC3 versions of {Windows 2000} were also affected.

BindView Security Advisory (http://packetstorm.securify.com/9912-exploits/bindview.syskey.txt).

BindView press release (http://bindview.com/news/99/1222.html).

Microsoft bulletin (http://microsoft.com/Security/Bulletins/ms99-056.asp).

(2000-07-16)