Symantec PGP Encryption

We are using SED v10.3.2 with SSO under Windows 8.1. When we initially installed SED, our SSO passphrases were synchronized with our Windows account passwords which was very convenient. Now, we have changed our Windows password due to policy but I can find no way to re-synchronize the SSOpassphrase again. I know this has been a problem with Win7 and earlier version of the Desktop but the solutions that I have ben able to find through the forum are no longer applicable with Win 8.1 and SED 10.3. Is there something simple we can do?

Hello,

When changing your Windows password while using SED, use the CTRL-ALT-DEL method to change your password.  Reboot the computer and the new password will sync with Bootguard.  IF you changed your password through a different method.  Open the PGP Desktop and go to PGP Disk, Encrypt Disk or Partition and delete your SSO user and re-create the user in the same Windows session.  Once created then reboot the computer and your SSO and password will re-sync with Bootguard.

Thanks

Anthony

Thank you for this Anthony. As you can tell, I am VERY new to PGP/SED. Unless I am doing something completely stupid, Windows 8.1 doesn't seem to support the CTRL+ALT+DEL method of changing password (I just get the usual LOCK/SWITCH USER/SIGN OUT/TASK MANAGER options). 

The Delete SSO user method resulted in a message that said I couldn't delete the last SSO user on the system (I am the only user of the PC) so can you tell me if it works if I create the new user and then delete the old one? I guess there could be problems with conflicting user names.

I also tried the Change Passphrase... option in PGP Desktop and that just resulted in a message telling me to use Windows to change the SSO password.

Steve

Hi Steve,

The next step is to create another passphrase user to add to the disk.  Once you add another user to the disk then you should be able to delete the SSO user and re-create.

Open PGP Desktop (SED) Go to PGP Disk, Encrypt disk or Partition, on the lower right hand corner click on New passphrase user and when creating select 2nd option for passphrase user which this is a passphrase you create.  Follow the prompts until the user is created.  PGP will ask for a passphrase before adding the user to the disk which this is your SSO user's passphrase on the disk.  Previous Windows password.

Once the user is added then you can delete the SSO user and PGP will ask for a passphrase which you'll use the new passphrase user's password just created to remove the SSO user.

Re-create the SSO user and once added to the disk then you can do a reboot and SSO should work.

Windows 8.1 should have the option to change password when using the Ctrl-Alt-Del method.

Check your Group Policy:

GPEDIT.MSC". Under User Configuration > Administrative Templates > System, you will see "Ctrl-Alt-Del Options". You can configure any or all of the 4 policies:
Remove Change Password
Remove Lock Computer
Remove Task Manager
Remove Logoff

Thanks

Anthony

Hi Anthony

The PGP Desktop method worked. Thanks for that. However, GPEDIT seems to work in that it shows that the change has been made but it has no effect because CTRL-ALT-DEL still does not provide the "Change Password" option. I guess I have another Microsoft Nanny policy element somewhere that is preventing that from happening.

Nevertheless, problem solved!!

Steve