Protect the Account Database with Syskey
Passwords in the password database are encrypted. Syskey is a utility that is used by default to provide additional protection. The Syskey utility does the following:
Encrypts the password database with a 128-bit cryptographically random encryption key.
Encrypts the password encryption key with a system key.
Allows storage of the system key in three different ways.
If configured in “not stored” or “stored on floppy disk” mode, Syskey can protect the system from unauthorized reboot.
There are three options for the storage of the system key:
Locally— A system key is generated by the system and stored on the hard drive using a complex obfuscation algorithm. No intervention is needed at startup. This is the ...
Get Windows Server 2003 Security: A Technical Reference now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.