How can you determine whether Syskey has or has not been applied to enhance NT's security? You can set down at the console of each NT and issue the Syskey command. The Syskey command will tell you whether it is in place, and if it is, whether the startup key is stored locally on the hard drive; startup key must be entered at the console at boot; or the startup key is stored on a floppy disk which must be inserted in the floppy drive when the system prompts for the diskette. Not a realistic solution if you have hundreds of systems spread around the country.
How does NT know that Syskey has been applied to a system? The presence of the SecureBoot value means Syskey has been applied. Its value reveals the method Startup Key must be accessed:
Value: 0x1 Startup Key stored on local hard drive
Value: 0x2 password Startup Key
Value: 0x3 Startup Key stored on floppy disk