Home > Products > Windows Passwords > Reset Windows Password > Screenshots > Reset SYSKEY security
Reset SYSKEY security (with user passwords re-encryption)
15.07.2014
Windows Password Recovery v9.7.0
several fixups and new extended capabilities
25.06.2014
Office password recovery utilities
Minor update
17.06.2014
Wireless Password Recovery v3.3.2
Fixed a bug in Dictionary attack
10.06.2014
New article
Security flaw in DPAPI data protection

Articles and video

You may find it helpful to read our articles on Windows security and password recovery examples. Video section contains a number of movies about our programs in action

Reset Windows Password:
  SYSKEY reset

 

Selecting data source

Resetting SYSKEY encryption

First you need to point to 3 registry hives: SAM, SYSTEM and SECURITY. Usually SYSKEY resides in your SYSTEM registry under HKLM\CurrentControlSet\Control\Lsa key. But once you set your SYSKEY for example to require a boot startup password and forgot it, there's no chance to boot up your system. Needless to say that SYSKEY is extremely effective tool in the hands of a master. Setting your SYSKEY option to require a startup password or boot diskette is very effective against ANY(!) Windows password breaker. In that case a password extractor program can not decrypt your password hashes even if it get a full access to your system.

 

Resetting SYSKEY

Resetting SYSKEY and zeroing out user passwords

Note! SYSKEY resetting is unsafe operation that affects the whole system security. For example after SYSKEY is reset, even if you can logon your system, you will not be able to decrypt your EFS protected files.

There are a number of programs in the Net that proclaim they can reset SYSKEY. But none of them works correctly at the moment. The reason is that SYSKEY resetting requires a lot of additional operations for your system to prevent it from being broken. For example you need also to zero out SAM domain session key(s), reencrypt and reset local user hashes, LSA secrets, etc. Reset Windows Password has 2 algorithms for resetting SYSKEY. Once the primary one fails, another one runs. After SYSKEY is reset, all local user passwords will be set to blank automatically.

After resetting SYSKEY on a Windows 8 machine, you should change password for every LiveID account to a non-empty one. Otherwise you will not be able to logon the system with empty password.