The problem resolved itself, but I am not entirely sure why. I no longer
get the two PGP passphrase prompts after logging in. I *think* they went
away after I cleared up another issue -- namely, whenever I logged in I
got error messages that it couldn't connect to sidney.cems.uvm.edu (the
old CEMS file server), even though I had deleted it out of Favorite
Servers. Turns out I had put the map-to-sidney in the Login Items, which
never worked anyway if I was connecting to UVM wireless. It tried to map
before I was logged in to UVM, and threw up an error message. So, once I
removed sidney from Login Items, PGP stopped asking for the old passphrase.
And as for the new CEMS server, I did not put that in the Login Items,
because it's just too annoying getting the failure message when I'm
connecting to wireless -- which is most of the time. Mac OS just doesn't
have a sense of humor about disconnected drives like Windows does. Oh,
well. At least the PGP issue is fixed, and I can still map the drive
manually each time I log in.
On 10/16/2010 2:08 PM, Jim Lawson wrote:
> Hi Helen,
> I believe I have recreated this problem on my MBP.
> Please consider this a "your miles may vary" sort of solution. It has
> worked for me, and I'd like to know if it works for you. Of course, I
> suggest that you make sure your backups are up to date before you
> install or start altering settings in PGP Desktop, since the possibility
> exists that you could lock yourself out of your own system.
> It appears that the old password (or phrase) is cached somewhere in
> PGP's settings, or perhaps in the login keychain (although I haven't
> seen where.) This passphrase is used to protect new key pairs in PGP
> Desktop - something PGP Desktop for Mac seems to create frequently, even
> though it appears to have little or nothing to do with Whole Disk
> Encryption, the function for which we purchased this product.
> If you haven't used the keys in PGP Desktop to encrypt anything, then
> you should be able to delete them without any ill effects. Those keys
> are not used for Whole Disk Encryption, but to encrypt files or email.
> After deleting them, reboot your system and log in. You will once again
> be prompted to unlock newly generated keys, using your old password
> (grumble, didn't I just *delete* those for a reason?!)
> Now, open PGP Desktop. Under Keys, there should be only one key
> associated with your name that is not revoked. Context-click
> (option-click, as you may prefer) that key, and select "Show Key Info ..."
> Once in the key info window, select the "Change Passphrase" icon.
> Enter your old passphrase and change it to the new passphrase.
> At this point, you should be able to close the "Key Info" window, and
> confirm that the key has changed its passphrase by context-clicking the
> key, selecting "Lock", then "Unlock". It should unlock with the
> passphrase that you have set.
> Context-click the key and select "Synchronize Key".
> Close PGP desktop, reboot, and upon login you should be asked for your
> new password to unlock the key(s), and not the old passwords.
> Please give this a try and let me know if it works for you.
> I suspect (but haven't confirmed) that it's not actually necessary for
> these keys's passphrases to match your NetID password, or indeed the
> passphrase that's used to unlock your system's disk. Next, I'm going to
> try changing the key pair's passwords to something unrelated to my
> NetID, and storing that passphrase in my keychain, so that the system
> (hopefully) won't bug me about it in the future.
> On 10/15/10 5:57 PM, Helen Read wrote:
>> I followed Jim Lawson's directions to simply open up the PGP Desktop
>> application, selected my user account (the only one listed), and
>> changed the password. This did allow me to log onto the PGP login with
>> my new NetID password, but once logged on, I still get two pop-up
>> windows asking for my PGP Passphrase that will only accept my old
>> So I tried following the steps documented in the blog posting (link
>> below), but am still having the problem that after I log in I get two
>> PGP Passphrase requests that only accept my old password. I found two
>> entries for the PGP Passphrase in the Keychain and deleted them both,
>> which didn't help either.
>> Every time I log in, I am prompted for the PGP Passphrase, and have to
>> enter the old password, twice.
>> On 10/14/2010 3:59 PM, Carol Caldwell-Edmonds wrote:
>>> We documented that process for the Helpline techs here:
>>> Look down the page for Mac OS. Would appreciate knowing if these steps
>>> are clear and easy to follow!
>>> Carol Caldwell-Edmonds,
>>> Enterprise Technology Services: Client Services
>>> Manager, UVM Computing Helpline and the Computer Depot Clinic
>>> University of Vermont
>>> [log in to unmask]
>>> avatar by Shannon Edmonds
>>> never take yourself TOO seriously...
>>> artwork by Shannon Edmonds
>>> On 10/14/2010 3:50 PM, Helen Read wrote:
>>>> I recently changed my NetID password. My Dell laptop with PGP is
>>>> working fine with the single-sign on. The only thing I noticed after
>>>> changing the NetID password is that I had to logon once and pick which
>>>> user (administrator or my regular profile) the first time, and now it
>>>> is logging me onto my regular profile with single-sign.
>>>> I also have a Macbook Pro with PGP, and it will only recognize my old
>>>> NetID password. How do I get it to update this, so that I can log on
>>>> with my new NetID password?