USE SYSKEY ON WINDOWS 7 TO ENCRYPT THE SAM TO HARDENING SYSTEM Very few netbook computers support BitLocker, which means that they are Date: 25/10/2013 vulnerable to utilities that allow you to boot from a USB device and reset the local Source: LINK Permalink: LINK administrator password. The way to ensure that this type of attack doesn’t work is Document Version: 1.0 to use SYSKEY to encrypt the SAM database. Total Chars: 1937 Total Words: 369 Created by: HeelpBook Page: 1 Obviously this solution can be used even on laptops and desktop computers. SYSKEY is a tool that has been around for some time on Windows client operating systems, but most administrators don’t bother using it because it makes recovering a computer difficult in the event that auser forgets their password. In some cases you want to do all that you can do to protect the data on a netbook computer. To do this, you should use SYSKEY to encrypt the SAM database and use EFS to encrypt any locally stored files and folders. To accomplish this, perform the following steps: Log on to Windows 7 with an account that has local administrator access. Type SYSKEY into the textbox on the start menu. Click OK at the UAC prompt. Select the Encryption Enabled Option. Select the Password Startup Option. Enter the Startup Password that must be entered each time. Reboot the computer. From now on the Startup Password must be entered to unlock the SAM database before local logon will be allowed. Visit Us: http://www.heelpbook.net Follow Us: https://twitter.com/HeelpBook CHECK IF SYSKEY IS ENABLED The easiest way to find out whether an NT machine has Syskey enabled is to type… Date: 25/10/2013 syskey Source: LINK Permalink: LINK Document Version: 1.0 Total Chars: 1937 …at the command prompt (cmd.exe). This command brings up the Securing the Total Words: 369 Created by: HeelpBook Windows NT Account Database dialog box that Figure 1 shows, which indicates Page: 2 whether Syskey encryption is enabled. Alternatively, you can check for the registry value: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControl- Set\Control\Lsa\Secureboot If the Secureboot value (of type REG_DWORD) exists and is set to a value of 0×1, 0×2, or 0×3, Syskey is enabled on the system. Visit Us: http://www.heelpbook.net Follow Us: https://twitter.com/HeelpBook .