Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Syskey
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Security issues== ===The "Syskey Bug"=== In December 1999, a security team from [[BindView]] found a security hole in Syskey that indicated that a certain form of offline [[cryptanalysis|cryptanalytic]] attack is possible, making a [[brute force attack]] appear to be possible.<ref name="bvskdottxt">{{cite web |url=https://packetstormsecurity.com/files/11121/bindview.syskey.txt.html |title=bindview.syskey.txt |work=[[Packet Storm]] |date=December 16, 1999 |access-date=July 1, 2016 |author=Sabin, Todd}}</ref> Microsoft later issued a fix for the problem (dubbed the "Syskey Bug").<ref>{{cite web |url=http://www.thewindowsclub.com/inbuilt-syskey-utility-lock-windows-7-computer-usb-stick |title=Use SysKey Utility to lock Windows computer using USB stick |publisher=The Windows Club |date=March 9, 2012 |access-date=July 1, 2016 |author=Khanse, Anand}}</ref> The bug affected both Windows NT 4.0 and pre-RC3 versions of [[Windows 2000]].<ref name="bvskdottxt" /> ===Use as ransomware=== Syskey is commonly abused by [[Technical support scam|technical support scammers]] to lock victims out of their own computers in order to coerce them into paying a ransom.<ref>{{cite web|url=http://triplescomputers.com/blog/casestudies/solution-this-is-microsoft-support-telephone-scam-computer-ransom-lockout/|title=SOLUTION: "This is Microsoft Support" telephone scam β Computer ransom lockout|date=10 April 2013|website=Case Studies|publisher=Triple-S Computers}}</ref><ref name="smh-syskey">{{cite web |title=Tech support company with workers in India claims its 'good name' being ruined by scammers|url=http://www.smh.com.au/it-pro/security-it/tech-support-company-with-workers-in-india-claims-its-good-name-being-ruined-by-scammers-20141116-11o361.html|website=Sydney Morning Herald|date=17 November 2014 |access-date=23 February 2017}}</ref> It is also used against such scammers by [[Scam baiting|scambaiters]] as a way to disrupt their fraudulent operations.<ref>{{Cite AV media |url=https://www.youtube.com/watch?v=JrVUAQtKu58 |title=Extreme Anger From SYSKEY-ed Scammer |date=2023-04-15 |last=Scam Sandwich |access-date=2025-05-11 |via=YouTube}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)