Home > Products > Windows Passwords > Reset Windows Password > Screenshots > Reset SYSKEY security
Reset SYSKEY security (with user passwords re-encryption)
06.07.2016
MS Office Password Recovery tools
Support for new hardware
05.07.2016
Windows Password Recovery v10.4
Support for new GPUs
01.07.2016
Outlook Password Recovery v3.0
Support for Outlook 2016
30.06.2016
Wireless Password Recovery 3.8.0
Support for AMD Radeon RX 4XX, some serious errors were fixed

Articles and video

You may find it helpful to read our articles on Windows security and password recovery examples. Video section contains a number of movies about our programs in action

Reset Windows Password:
  SYSKEY reset

 

Selecting data source

Resetting SYSKEY encryption

First you need to point to 3 registry hives: SAM, SYSTEM and SECURITY. Usually SYSKEY resides in your SYSTEM registry under HKLM\CurrentControlSet\Control\Lsa key. But once you set your SYSKEY for example to require a boot startup password and forgot it, there's no chance to boot up your system. Needless to say that SYSKEY is extremely effective tool in the hands of a master. Setting your SYSKEY option to require a startup password or boot diskette is very effective against ANY(!) Windows password breaker. In that case a password extractor program can not decrypt your password hashes even if it get a full access to your system.

 

Resetting SYSKEY

Resetting SYSKEY and zeroing out user passwords

Note! SYSKEY resetting is unsafe operation that affects the whole system security. For example after SYSKEY is reset, even if you can logon your system, you will not be able to decrypt your EFS protected files.

There are a number of programs in the Net that proclaim they can reset SYSKEY. But none of them works correctly at the moment. The reason is that SYSKEY resetting requires a lot of additional operations for your system to prevent it from being broken. For example you need also to zero out SAM domain session key(s), reencrypt and reset local user hashes, LSA secrets, etc. Reset Windows Password has 2 algorithms for resetting SYSKEY. Once the primary one fails, another one runs. After SYSKEY is reset, all local user passwords will be set to blank automatically.

After resetting SYSKEY on a Windows 8 machine, you should change password for every LiveID account to a non-empty one. Otherwise you will not be able to logon the system with empty password.