Protect the Account Database with Syskey
Passwords in the password database are encrypted. Syskey is a utility that is used by default to provide additional protection. The Syskey utility does the following:
Encrypts the password database with a 128-bit cryptographically random encryption key.
Encrypts the password encryption key with a system key.
Allows storage of the system key in three different ways.
If configured in “not stored” or “stored on floppy disk” mode, Syskey can protect the system from unauthorized reboot.
There are three options for the storage of the system key:
Locally— A system key is generated by the system and stored on the hard drive using a complex obfuscation algorithm. No intervention is needed at startup. This is the ...