Print

Print


Hi Helen,

I believe I have recreated this problem on my MBP. 

Please consider this a "your miles may vary" sort of solution.  It has worked for me, and I'd like to know if it works for you.  Of course, I suggest that you make sure your backups are up to date before you install or start altering settings in PGP Desktop, since the possibility exists that you could lock yourself out of your own system.

It appears that the old password (or phrase) is cached somewhere in PGP's settings, or perhaps in the login keychain (although I haven't seen where.)  This passphrase is used to protect new key pairs in PGP Desktop - something PGP Desktop for Mac seems to create frequently, even though it appears to have little or nothing to do with Whole Disk Encryption, the function for which we purchased this product.

If you haven't used the keys in PGP Desktop to encrypt anything, then you should be able to delete them without any ill effects.  Those keys are not used for Whole Disk Encryption, but to encrypt files or email.

After deleting them, reboot your system and log in.  You will once again be prompted to unlock newly generated keys, using your old password (grumble, didn't I just *delete* those for a reason?!) 

Now, open PGP Desktop. Under Keys, there should be only one key associated with your name that is not revoked.  Context-click (option-click, as you may prefer) that key, and select "Show Key Info ..."





Once in the key info window, select the "Change Passphrase" icon.




Enter your old passphrase and change it to the new passphrase.

At this point, you should be able to close the "Key Info" window, and confirm that the key has changed its passphrase by context-clicking the key, selecting "Lock", then "Unlock".  It should unlock with the passphrase that you have set.

Context-click the key and select "Synchronize Key". 

Close PGP desktop, reboot, and upon login you should be asked for your new password to unlock the key(s), and not the old passwords.

Please give this a try and let me know if it works for you.

I suspect (but haven't confirmed) that it's not actually necessary for these keys's passphrases to match your NetID password, or indeed the passphrase that's used to unlock your system's disk.  Next, I'm going to try changing the key pair's passwords to something unrelated to my NetID, and storing that passphrase in my keychain, so that the system (hopefully) won't bug me about it in the future.

Jim

On 10/15/10 5:57 PM, Helen Read wrote:
[log in to unmask]" type="cite">I followed Jim Lawson's directions to simply open up the PGP Desktop application, selected my user account (the only one listed), and changed the password. This did allow me to log onto the PGP login with my new NetID password, but once logged on, I still get two pop-up windows asking for my PGP Passphrase that will only accept my old password.

So I tried following the steps documented in the blog posting (link below), but am still having the problem that after I log in I get two PGP Passphrase requests that only accept my old password. I found two entries for the PGP Passphrase in the Keychain and deleted them both, which didn't help either.

Every time I log in, I am prompted for the PGP Passphrase, and have to enter the old password, twice.

HPR



On 10/14/2010 3:59 PM, Carol Caldwell-Edmonds wrote:
  We documented that process for the Helpline techs here:

http://blog.uvm.edu/helpline/pgp-password-changes/

Look down the page for Mac OS. Would appreciate knowing if these steps
are clear and easy to follow!

Carol
Carol Caldwell-Edmonds,
Enterprise Technology Services: Client Services
Manager, UVM Computing Helpline and the Computer Depot Clinic
University of Vermont
[log in to unmask]
avatar by Shannon Edmonds
never take yourself TOO seriously...
artwork by Shannon Edmonds

On 10/14/2010 3:50 PM, Helen Read wrote:
I recently changed my NetID password. My Dell laptop with PGP is
working fine with the single-sign on. The only thing I noticed after
changing the NetID password is that I had to logon once and pick which
user (administrator or my regular profile) the first time, and now it
is logging me onto my regular profile with single-sign.

I also have a Macbook Pro with PGP, and it will only recognize my old
NetID password. How do I get it to update this, so that I can log on
with my new NetID password?