When using SYSKEY on Windows systems, what is encrypted in the password store?

The correct answer is that SYSKEY encrypts the LM hash and NT hash of passwords in the password store. SYSKEY, or System Key, is a feature in Windows that enhances the security of stored user passwords by encrypting their hashes.

When a user's password is created or changed, Windows generates a hash of that password using the LM (LAN Manager) and NT (New Technology) hash algorithms. These hashes are then stored in the Security Accounts Manager (SAM) database. By using SYSKEY, Microsoft introduced an additional layer of security where these password hashes can be encrypted, preventing simple access and making it more difficult for attackers to obtain the actual passwords even if they gain access to the SAM database.

This encryption process is crucial as it raises the overall security of the authentication mechanism within Windows operating systems, providing protection against various types of password attacks, including hash extraction and brute-forcing attempts. Therefore, the focus on encrypting the LM and NT hashes is a fundamental part of how SYSKEY operates to secure credentials on Windows systems.