SYSKEYWindows NT 4.0 SP3. It was meant to protect against offline password cracking attacks so that the SAM database would still be secure even if someone had a copy of it. However, in December 1999, a security team from BindView found a security hole in SYSKEY which indicates that a certain form of cryptoanalytic attack is possible offline. A brute-force attack then appeared to be possible. Microsoft later collaborated with BindView to issue a fix (dubbed the 'Syskey Bug') which appears to have been settled and SYSKEY pronounced secure enough to resist brute-force attack. According to Todd Sabin of the BindView team RAZOR, the pre-RC3 versions of Windows 2000 were also affected. BindView Security Advisory. BindView press release. Microsoft bulletin.
Last updated: 2000-07-16