PGP BootGuard does not authenticate using updated Windows password
search cancel

PGP BootGuard does not authenticate using updated Windows password


Article ID: 153416


Updated On:


Symantec Products


When using the Single Sign-On feature of PGP WDE, you attempt to authenticate using your updated Windows password, but you cannot log in unless you use your old Windows password at the PGP BootGuard screen. Then you must use your updated Windows password to log in to Windows. This can occur due to the reasons below.


PGP Network Provider does not receive the password update

When you change your Windows password, the Microsoft Credential Manager notifies applications in the Network Providers list in Windows of the password change, but due to the order of the providers, the PGP Credential Provider (PGPpwflt) connection does not receive the password update and thereby causes the Single Sign-On feature to not work properly.

To set the order in the Windows Network Connections properties:

Windows XP

  1. Right-click My Network Places and select Properties. or click Start>Control Panel and then double-click Network Connections.
  2. Click the Advanced menu and then select Advanced Settings.
  3. Click the Provider Order tab.
  4. Under Network Providers, select the PGPpwflt entry, and click the Up arrow to move the PGP connection above any other third-party connections in the list.
  5. Click OK to apply the changes.
Windows Vista & Windows 7

  1. Click Start>Network.
  2. Select Network and Sharing Center.
  3. From the Tasks panel, click Manage network connections.
  4. Highlight your Local Area Connection.
  5. Click Advanced>Advanced Settings.

    NOTE:If the Advanced menu is not displayed, press ALT and the Advanced menu bar appears. Windows Vista may prompt your for your permission to continue.

  6. Select the Provider Order tab.
  7. Click the entry PGPpwflt.
  8. Click the Up arrow to move PGP above other third-party connections.
  9. Click OK to apply the settings.
You can confirm the password has been synchronized by rebooting the computer or by synchronizing your password using a PGP command line tool.

If the password is not updated, it may be due to a file permission issue.

PGPpwflt unable to modify the PGPWDE01 file

This issue can occur when the Microsoft Credential Manager updates the PGP Credential Provider (PGPpwflt) connection, but the PGPpwflt is unable to update a PGP file (PGPWDE01) required for the Single Sign-On feature after you change your Windows password. The PGPpwflt connection may be unable to update the required file due to the file permissions of PGPWDE01.

  1. Open Windows Explorer and click Tools>Folder Options.
  2. Click the View tab.
  3. Uncheck Hide protected Operating System Files (Recommended) and click Apply.
  4. Open the C:\ drive and browse for the PGPWDE01 file.
  5. Right-click the PGPWDE01 file and select Properties.
  6. Click the Security tab and confirm the Authenticated Users group has a minimum permission of Modify.
  7. Click OK to apply the change.
  8. Reboot the computer to confirm if the password was updated or use the pgpwde tool as referenced above to synchronize the password.
USB disk or SD card

If a USB thumb drive or SD card is inserted, a conflict may occur if the USB or SD disk is detected as Disk 0 on the system. Confirm the Windows system disk is Disk 0 in Disk Management. If the USB or SD disk displays as Disk 0, remove the disk, reboot the computer, and then change the Windows password.