syskey
     
         a utility that
        encrpyts the hashed password information in a sam
        database using a 128-bit encryption key.
     
        syskey was an optional feature added in windows nt 4.0 sp3.
        it was meant to protect against offline password cracking
        attacks so that the sam database would still be secure even if
        someone had a copy of it.  however, in december 1999, a
        security team from bindview http://www.bindview.com/ found
        a security hole in syskey which indicates that a certain form
        of cryptoanalytic attack is possible offline.  a
        brute-force attack then appeared to be possible.
     
        microsoft later collaborated with bindview to issue a fix
        dubbed the 'syskey bug' which appears to have been settled
        and syskey pronounced secure enough to resist brute-force
        attack.
     
        according to todd sabin of the bindview team razor, the
        pre-rc3 versions of windows 2000 were also affected.
     
        bindview security advisory
        http://packetstorm.securify.com/9912-exploits/bindview.syskey.txt.
     
        bindview press release
        http://www.bindview.com/news/99/1222.html.
     
        microsoft bulletin
        http://www.microsoft.com/security/bulletins/ms99-056.asp.
     
        2000-07-16
     
     
see also:
encrpyts hashed password sam encryption key windows nt 
offline cracking lt;bindviewgt; cryptoanalytic brute-force attack 
windows 2000 lt;bindview security advisorygt; lt;bindview press releasegt; lt;microsoft bulletingt;