TechProGuild FastAnswer: Securing your Windows XP workstation with Syskey

Windows XP protects itself from unauthorized use by employing a user ID/password combination. You can further increase security by creating a secure boot floppy using Syskey. Here's how.

Save time. TechProGuild members can download the preformatted, ready-to-print version of this FastAnswer handout. The next time this problem arises in your organization, simply print and distribute the file directly to end users or members of your IT staff.

The problem

Windows XP prevents unauthorized logons by requiring a password. Sometimes password protection isn't enough, and you may require other ways to authenticate a user. Biometrics is one option, but biometric reading equipment can be expensive.

The cause

User IDs and passwords help secure a computer, but all rogue users have to do is swipe another user's ID and password, and they can do whatever they want on the computer. You've probably seen passwords, and sometimes user IDs, attached to monitors by sticky notes, so you know how secure these authentication methods are.

You can purchase things such as palm and fingerprint scanners for workstations that you want to secure, but these aren't always cost-effective and are prone to error.

The solution

Fortunately, you don't need a fingerprint scanner, retina scanner, or secure ID card to add a layer of security to your workstation. Using the Syskey utility, you can instruct your system to require a user to insert a special floppy before being able to log on to the computer. Without the floppy, you or anyone else who tries to log on will be locked out of the workstation. Here's what you have to do:

  1. Click Start, click Run, type Syskey, and click OK.
  2. From the Securing the Windows XP Account Database window that appears, click the Update button.
  3. The Startup Key window will appear. Ensure that System Generated Password is selected.
  4. Click Store Startup Key On Floppy Disk. Click OK.
  5. Make sure there is a blank floppy in the floppy disk drive.

Syskey will then create the boot floppy for you.


Once you've created the floppy disk, you'll be asked for it before accessing the Windows logon screen. If you don't have the floppy, you're out of luck and won't be able to log on. So, a word of advice: Keep the floppy on you! Make sure you make at least one copy of it and store it in a location that's safe and secure in case you lose the boot floppy or in case it becomes damaged.

Editor's Picks

Free Newsletters, In your Inbox