Breaking a systematic password

Question

Saturday, 2nd April 2016 - somewhere several meters below surface

"Report, agent."

"Mission 'Capture the bird' was not fully successful, sir. The surprise raid yesterday night encountered unexpected resistance. While the bodyguards were neutralized, the enemy agent managed to swallow a suicide capsule. There will be no chance of interrogation, I'm afraid."

"Not fully successful, you say? I would call that a complete disaster! Vital information is now irretrievably lost to us!"

"Not quite, Sir. We managed to retrieve the personal laptop of the agent. It should hold all the data. It is, naturally, encrypted and locked by a high-security system, though."

"And we have the passcode?"

"Not yet, but we are lucky. It is one of our bugged laptops which has a key-logger installed. So we have all keystrokes right from the first boot-up after buying it, Sir. A copy is stored on your computer."

"Excellent. Nobody has touched the laptop since it was taken?"

"Correct, Sir."

"Well, let's fire it up then."

...

"Interesting, this is not a standard OS boot. Well, here comes a prompt..."

"What was the last used keyword according to the log?"

"That would be the eight-letter sequence K.Q.Y.E.K.G.I.S, Sir. All capital letters."

"Hmm, lets give it a try then..."

...

beep!

...

"Damn it. Would have been too nice, wouldn't it? Maybe we'd better leave this to some experts. Call Mr.S, will you? He should take care from here."

"At once, Sir."

---

You are Mr.S.
From the information provided, can you tell what security code needs to be entered at this moment now?

The key-logger's complete log can be found below. Unfortunately there has been a bit of data-loss. Corrupted characters are marked as ~.

logged 11/03/2016 10:45:45  cmd
logged 11/03/2016 10:45:52  E:
logged 11/03/2016 10:46:13  c~ SAAETOOS
logged 11/03/2016 10:46:19  s~~up /i:2 /l:8 /dc:1 /fc:1
logged 11/03/2016 12:02:44  shutdown -r
logged 11/03/2016 12:05:02  ~C~GK~~S
logged 11/03/2016 14:15:05  B~~~K~~~
logged 11/03/2016 16:23:32  ~~~~KM~~
logged 12/03/2016 09:02:12  W~~~~QUA
logged 12/03/2016 19:32:09  WC~~~Q~~
logged 12/03/2016 23:02:02  ~~EKO~UA
logged 13/03/2016 00:11:56  ~~EKO~UA
logged 13/03/2016 00:12:32  SWYCEIW~
logged 13/03/2016 11:37:01  SWY~~~WA
logged 13/03/2016 18:03:20  SWYCE~~A
logged 14/03/2016 08:00:04  GISUAGKQ
logged 14/03/2016 15:03:34  GISUAGKQ
logged 14/03/2016 20:20:04  GIUSAGKQ
logged 14/03/2016 20:21:14  WYIKOQCO
logged 14/03/2016 23:41:11  WYIKOQCO
logged 15/03/2016 13:59:51  SUYEGQWC
logged 16/03/2016 09:19:22  IKQUWGUY
logged 17/03/2016 11:23:17  AESYIKOU
logged 19/03/2016 07:30:19  CIOSYGKS
logged 20/03/2016 10:26:10  CEOQWAGO
logged 20/03/2016 16:46:59  CEOQWAGO
logged 20/03/2016 22:00:01  VEOQQAGO
logged 20/03/2016 22:01:13  SUYKSWEI
logged 21/03/2016 07:58:33  OACUAKQW
logged 22/03/2016 07:57:13  YEOUACIO
logged 23/03/2016 08:01:41  SUGQSWCI
logged 23/03/2016 10:04:20  SUGQWSCI
logged 23/03/2016 10:04:30  SUGQSWCI
logged 23/03/2016 10:05:13  YEKOWCGO
logged 23/03/2016 19:49:46  YEKOWCGO
logged 24/03/2016 09:29:33  SGQCEOQU
logged 24/03/2016 23:57:12  SGQCEOQU
logged 25/03/2016 18:15:00  WGUYAESW
logged 26/03/2016 13:10:00  YCWAISAE
logged 29/03/2016 11:00:04  KQEIOUCI
logged 30/03/2016 16:01:30  UYEGQSYI
logged 31/03/2016 19:20:10  KUWCUYAE
logged 01/04/2016 10:01:59  KQYEKGIS
logged 01/04/2016 21:44:00  KQYEKGIS

---

Clarifications

The puzzle is contained in the key-logger. Story and other text provide additional context which can be helpful. Spelling mistakes are just that: Mistakes (feel free to edit the questions, if they hurt you.)

Answer 1

Updated after the question's correction

I think the next valid password is

GIOAKCEI

Reasoning:

Here is a possible recovery of most of the missing and mistyped characters: I also added if the password seem to pass or fail (based on the difference between the current and the next timestamp: an attempt is considered fail if there was another attempt right after it)

11/03/2016 10:45:45 cmd
11/03/2016 10:45:52 E:
11/03/2016 10:46:13 cd SAAETOOS
11/03/2016 10:46:19 setup /i:2 /l:8 /dc:1 /fc:1
11/03/2016 12:02:44 shutdown -r
11/03/2016 12:05:02 BC~GKM~S pass
11/03/2016 14:15:05 BC~GKM~S pass
11/03/2016 16:23:32 BC~GKM~S pass
12/03/2016 09:02:12 WCEKOQUA pass
12/03/2016 19:32:09 WCEKOQUA pass
12/03/2016 23:02:02 WCEKOQUA pass
13/03/2016 00:11:56 WCEKOQUA fail
13/03/2016 00:12:32 SWYCEIWA pass
13/03/2016 11:37:01 SWYCEIWA pass
13/03/2016 18:03:20 SWYCEIWA pass
14/03/2016 08:00:04 GISUAGKQ pass
14/03/2016 15:03:34 GISUAGKQ pass
14/03/2016 20:20:04 GIUSAGKQ fail
14/03/2016 20:21:14 WYIKOQCO pass
14/03/2016 23:41:11 WYIKOQCO pass
15/03/2016 13:59:51 SUYEGQWC pass
16/03/2016 09:19:22 IKQUWGUY pass
17/03/2016 11:23:17 AESYIKOU pass
19/03/2016 07:30:19 CIOSYGKS pass
20/03/2016 10:26:10 CEOQWAGO pass
20/03/2016 16:46:59 CEOQWAGO pass
20/03/2016 22:00:01 VEOQWAGO fail
20/03/2016 22:01:13 SUYKSWEI pass
21/03/2016 07:58:33 OACUAKQW pass
22/03/2016 07:57:13 YEOUACIO pass
23/03/2016 08:01:41 SUGQSWCI pass
23/03/2016 10:04:20 SUGQWSCI fail
23/03/2016 10:04:30 SUGQSWCI fail
23/03/2016 10:05:13 YEKOWCGO pass
23/03/2016 19:49:46 YEKOWCGO pass
24/03/2016 09:29:33 SGQCEOQU pass
24/03/2016 23:57:12 SGQCEOQU pass
25/03/2016 18:15:00 WGUYAESW pass
26/03/2016 13:10:00 YCWAISAE pass
29/03/2016 11:00:04 KQEIOUCI pass
30/03/2016 16:01:30 UYEGQSYI pass
31/03/2016 19:20:10 KUWCUYAE pass
01/04/2016 10:01:59 KQYEKGIS pass
01/04/2016 21:44:00 KQYEKGIS pass
02/04/2016 ??:??:?? KQYEKGIS fail (the one that you typed with your boss)

It seems passwords are changing every midnight, and also when there is a failed login. @Mr.Burns added an explanation in his comment how these are related to the setup parameters.

The set of characters being used seem to be odd-numbered letters of alphabet: ACEGIKMOQSUWY (the only exception is the B typed in the second attempt - but that can be a typo). Maybe this relates to parameter 'i=2'?

So it seems the list of correct keys in order is the following:
BC~GKM~S
WCEKOQUA
[missing]
SWYCEIWA
GISUAGKQ
WYIKOQCO
SUYEGQWC
IKQUWGUY
AESYIKOU
[missing in case of dc stands for day count and not for day change]
CIOSYGKS
CEOQWAGO
SUYKSWEI
OACUAKQW
YEOUACIO
SUGQSWCI
[missing]
YEKOWCGO
SGQCEOQU
WGUYAESW
YCWAISAE
[missing in case of dc stands for day count and not for day change]
[missing in case of dc stands for day count and not for day change]
KQEIOUCI
UYEGQSYI
KUWCUYAE
KQYEKGIS
[missing]
[the one to guess]

If we convert the first letters to numbers according to where they are in the alphabet, the first password turns into: 2, 3, ?, 7, 11, 13, ?, 19.
This pattern wasn't too hard to recognize: 2, 3, 5, 7, 11, 13, 17, 19 are the first prime numbers. The next password confirmed my natural suspicion, that the keywords are the list of prime numbers modulo 26, converted to letters.

After that it was easy to check if dc stands for day change or day count:
AESYIKOU stands for 313, 317, 331, 337, 347, 349, 353, 359, and
CIOSYGKS perfectly matches 367, 373, 379, 383, 389, 397, 401, 409,
so it seems there isn't an automatic password update after a day without login, dc stands for day change.
(And by the way, i:2 is probably for initialization, primes are listed from 2)

So then the question reduced to finding primes indexed 201 to 208.
Those are 1229, 1231, 1237, 1249, 1259, 1277, 1279, 1283.
Modulo 26: 7, 9, 15, 1, 11, 3, 5, 9.
Transformed to letters: G, I, O, A, K, C, E, I.