Forget Syskey startup password or got trapped in Syskey scam or simply want to learn how to remove Syskey startup password with command prompt, here is the all.

Basic concepts of Syskey In Windows system, user passwords are stored in SAM (Security Accounts Management) database. This database is encrypted with a key known as System Key. To add an additional layer of security, this key is further encrypted with a key known as Syskey. In easy language, think there are two lockers. In second locker user database is kept while in first locker the key which opens second locker is kept. In order to open the second locker, we have to open the first locker. Syskey is the key of first locker.

Syskey is the primary key to access a Windows system. It can be secured with following options: - In floppy disk In this option, Syskey is stored in floppy disk. If this option is selected, the disk which contains Syskey need to be inserted in system each time when Windows boots.

In local hard disk with startup password In this option, Syskey is stored in local hard disk as a part of operating system with startup password. If this option is selected, correct startup password need to be typed each time when Windows boots. In local hard disk without any password In this option, Syskey is stored in local hard disk as a part of operating system without any password. If this option is selected, no user interaction is required when Windows boots. By default this option is selected.

Syskey is a double edge sword. In positive side, it provides an additional layer of security. In negative side, the same security can be used to lock down the system completely. Sadly it is used in negative side more than positive side. For example scammers use this utility to cheat the Windows user. Syskey scam Usually a scammer calls victim pretending himself as a Microsoft support person and makes victim to believe that his computer need to be repaired immediately. Once victim is convinced, scammer offers online support to fix the problem.

Believing that help is offered from Microsoft, victim allows scammer to access his computer remotely. In remote access session, scammer changes the default Syskey mode to With Password from Without Password and sets a password which only he knows. Once Syskey startup password is set, Windows will not boot until the correct startup password is supplied.

Now scammer asks victim to pay the ransom money. Since Syskey startup password cannot be changed, updated or removed unless the original password is obtained from scammer, victim usually pays ransom money to unlock the Windows. Good news is that Microsoft has removed Syskey from Windows 10 and Windows Server 2016 Fall Creators Update. So if you are using these versions, just update the Windows and forget about this. But if you are using any lower version of Windows or cannot update Windows right now or already stuck in Syskey startup password lockdown situation, use this tutorial to deal with Syskey scam in the best possible way. Dealing with Syskey scam For demonstration purpose, I will use all four major versions of Windows (XP, 7, 8.1 and 10) which are heavily affected by Syskey scam. To simulate the Syskey lockdown situation, let’s enable it in all Windows.

Enabling Syskey in Windows. Access Run or Search box and type Syskey and press Enter key. In XP this will bring main Syskey application while in remaining Windows this will bring Syskey application shortcut. Fritz Wlan Stick Driver Windows 7.

Click Syskey shortcut to launch Syskey main application in remaining Windows. From Vista, Windows introduced a new security feature known as UAC (User Access Control). This feature let an application starts only if it is permitted by user. Click Yes to confirm the access of Syskey. Once Syskey is launched, remaining process is exactly same in all versions.

Click Update button. By default, Store Startup Key Locally option is selected. Change it to Password Startup and set a password.

Click Ok to confirm the action and close the Syskey utility. Now restart the Windows. Since Syskey startup password is configured, Windows will not start until correct startup password is supplied. As we can see in above figure, there are only two options; either provides the correct Syskey startup password or restart the Windows which will bring us back on the same screen.

Removing Syskey startup password in Windows. There are four ways to remove the Syskey startup password: - • Using Windows default backup to restore the original Syskey configuration • Using third party Syskey removal tools to clear the Syskey startup password • Using registry key to disable Syskey startup password • Reinstalling Windows without losing any data Using Windows default backup to remove the Syskey password Depending on triggers and settings, Windows automatically takes the backup of critical system files including registry hives. During the backup, configuration files and registry hives which control the boot process and authenticate the login process are copied in Windows System32 config RegBack folder from Windows System32 config folder. Following figure shows RegBack folder without backup Following figure shows RegBack folder with backup Have you noticed any difference between both figures? In first figure, which shows RegBack folder without backup, files are empty while in second figure, which shows RegBack folder with backup, files are not empty.