Also found in: Dictionary, Medical, Wikipedia.


(cryptography, operating system, security)
A utility that encrpyts the hashed password information in a SAM database using a 128-bit encryption key.

SYSKEY was an optional feature added in Windows NT 4.0 SP3. It was meant to protect against offline password cracking attacks so that the SAM database would still be secure even if someone had a copy of it. However, in December 1999, a security team from BindView found a security hole in SYSKEY which indicates that a certain form of cryptoanalytic attack is possible offline. A brute-force attack then appeared to be possible.

Microsoft later collaborated with BindView to issue a fix (dubbed the 'Syskey Bug') which appears to have been settled and SYSKEY pronounced secure enough to resist brute-force attack.

According to Todd Sabin of the BindView team RAZOR, the pre-RC3 versions of Windows 2000 were also affected.

BindView Security Advisory.

BindView press release.

Microsoft bulletin.
This article is provided by FOLDOC - Free Online Dictionary of Computing (


(SYStem KEY) The Windows function that encrypts the data in the Security Accounts Manager (SAM) database. The encryption key is stored locally. Syskey Mode 1 is automatic, and the computer reads the key on startup. Mode 2 requires the key to be typed in by the user at startup, while Mode 3 requires the key to be entered from external media such as a USB drive. See SAM.
Copyright © 1981-2019 by The Computer Language Company Inc. All Rights reserved. THIS DEFINITION IS FOR PERSONAL USE ONLY. All other reproduction is strictly prohibited without permission from the publisher.