SOLVED! How To Disable Syskey Windows 10

Syskey was used to encrypt the Security Account Manager (SAM) database in older versions of Windows. It is no longer secure, so many Windows users search for guides on how to disable Syskey on Windows 10. If you also want to disable Syskey on your Windows 10 PC but have no idea where to start, this article could help you out. Below is everything you must keep in mind about disabling Syskey on Windows 10.

Disabling Syskey On Windows 10: Instructions 

If You Don’t Remember The Password 

  • Step 1: Create bootable Windows media.
  • Step 2: Boot from the installation medium. 
  • Step 3: Select Repair, choose System Restore and set your restore point to a time that precedes the activation of the Syskey. That won’t work but you need to do it. 
  • Step 4: Proceed to hit Command Prompt. 
  • Step 5: In Command Prompt, type regedit and press Enter.
  • Step 6: Navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa
  • Step 7: Locate SecureBoot, right-click it and pick Modify. 
  • Step 8: Change the value of SecureBoot to 0.
  • Step 9: Navigate to HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account, then change the F value to 0000.
  • Step 10: Restart your computer. 

If You Remember The Password

  • Step 1: Press Windows + R to open Run, type Syskey and hit OK. 
  • Step 2: Click Update, tick the circles next to System Generated Password and Store Startup Key Locally, then pick OK.
  • Step 3: Enter your Syskey password in the prompt text box.
  • Step 4: Hit OK
  • Step 5: Restart your computer. 


How Should I Use Syskey?

In layman’s terms, Syskey is a discontinued encryption component built into the Windows operating system. It was designed to protect computers from offline password-cracking attacks by preventing unauthorized extraction of account information. Depending on the configuration, Syskey could either require users to enter the key or load the key from a removable storage device. BitLocker takes the place of Syskey on the latest Windows versions.

Can Scammers Use Syskey To Lock Windows Computers?

Reports of scammers using Syskey to lock computers and demand ransoms for the unlock key appear from time to time. By taking advantage of a vulnerability, scammers manage to use Syskey to lock people out of their computers. If hackers lock you out of your computer, there’s no need to pay the ransom. Go through the steps down below to regain control over your computer. 

  • Step 1: Create Windows installation media on another computer and use it to boot your computer.
  • Step 2: On the Setup screen, press Shift + F10 to open Command Prompt. 
  • Step 3: Run the command dir [your system drive letter]
  • Step 4: Proceed to run each of these commands in Command Prompt to create a backup of the registry: 
    • mkdir [your system drive]:\regbackup
    • xcopy [your system drive]:\Windows\System32\Config [your system drive]:\regbackup /y
  • Step 5: Run the command xcopy [your system drive letter]:\Windows\System32\Config\RegBack [your system drive letter]:\Windows\System32\Config /y to restore the registry using the backup, then restart your computer.
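
An added example, not part of the original article: a batch script for the Command Prompt in Windows Setup that performs Steps 4 and 5 but first checks that every hive in RegBack exists and is not empty. Since Windows 10 version 1803, Windows no longer fills RegBack by default, so its files are often 0 bytes and copying them over Config would leave the system unbootable. The script name restore-hives.cmd is an assumption.

```batch
@echo off
rem Added example, not from the original article.
rem Usage: restore-hives.cmd D:    (script name is hypothetical)
setlocal EnableExtensions

set "SYSDRV=%~1"
if "%SYSDRV%"=="" (
    echo Usage: %~nx0 ^<system drive, for example D:^>
    exit /b 2
)
set "CFG=%SYSDRV%\Windows\System32\Config"
set "BAK=%SYSDRV%\regbackup"

rem Step 3 equivalent: confirm this drive really holds the Windows installation.
if not exist "%CFG%\SYSTEM" (
    echo No registry hives found under %CFG%
    exit /b 1
)

rem Every backup hive must exist and be non-empty before anything is overwritten.
for %%H in (DEFAULT SAM SECURITY SOFTWARE SYSTEM) do (
    if not exist "%CFG%\RegBack\%%H" (
        echo Missing backup hive: %%H
        exit /b 1
    )
    for %%F in ("%CFG%\RegBack\%%H") do if %%~zF EQU 0 (
        echo Backup hive %%H is 0 bytes. Restoring it would leave Windows unbootable.
        exit /b 1
    )
)

rem Step 4: keep a copy of the current hives so the restore can be undone.
if not exist "%BAK%" mkdir "%BAK%"
xcopy "%CFG%" "%BAK%" /y
if errorlevel 1 (
    echo Backup failed. Nothing was changed.
    exit /b 1
)

rem Step 5: restore the hives from RegBack.
xcopy "%CFG%\RegBack" "%CFG%" /y
if errorlevel 1 (
    echo Restore failed. The original hives are in %BAK%
    exit /b 1
)
echo Hives restored. Previous copies are saved in %BAK%
```

If the script stops at the 0-byte check, the current hives are left untouched and no restore has been attempted.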

Is It Possible To Bypass Syskey?

You could bypass Syskey in several ways but they all require physical access to the computer. The easiest method is to boot from a CD/USB drive then copy the Registry hives from the computer. That gives you access to encrypted data which can be decrypted using a brute-force attack. Another method is to use a keylogger to record the user’s input when they enter the Syskey password. 

What Must Be Done To Recover The Key?

The only way you can view your Syskey password is by using third-party software called Elcomsoft System Recovery. 

  • Step 1: Boot your computer to bootable storage media using Elcomsoft System Recovery. 
  • Step 2: Hit Search for SYSKEY plain text password.
  • Step 3: In Elcomsoft System Recovery, specify the disk where Windows is installed, select Next and choose Miscellaneous. 
  • Step 4: Hit SYSKEY then determine whether ESR should automatically search for the SAM database or specify its location. The latter option is faster but you have to know the exact directory of the SAM database.
  • Step 5: ESR is going to perform the necessary safety checks and warn you if a potential issue is detected. Leave the “Search…” blank. Next, hit Reset SYSKEY to wrap up the process. Last but not least, restart your computer.
