Symantec Encryption Desktop (formerly PGP Desktop) hangs at BootGuard when using an USB hardware token on new Dell Latitude and Lenovo laptop models


Article ID: 157323


Updated On:


Drive Encryption


When using a USB hardware token for Whole Disk Encryption authentication, you are able to encrypt the drive by successfully adding the token user to the disk. But after rebooting the machine and attempting to authenticate with the USB token at BootGuard, it will hang and fail to load the OS on the BootGuard screen. You have to power off the laptop and use a passphrase user account to login.
Initializing token...


USB power issues due to hardware limitations. It could also be due to certain USB devices initialized by the BIOS at the preboot login screen. In some cases Symantec Engineering has been able to workaround the issue by excluding certain devices from initializing (such as the USB webcam) at the preboot authentication screen (see solution and notice regarding hardware above).


Note: In some cases this issue has been addressed by Symantec by bypassing the known USB hardware to be affected at the BootGuard login screen. In order to verify that these changes work on your hardware please upgrade to Symantec Encryption Desktop 10.3.0 MP1 or later.

Symantec Corporation is committed to product quality and satisfied customers. This issue is currently being considered by Symantec Corporation to be addressed in a forthcoming version or Maintenance Pack of the product.  Please be sure to refer back to this document periodically as any changes to the status of the issue will be reflected here.

The following is a list of workarounds:

- Disable USB webcam support in the BIOS setup

This doesn't work on some models unfortunately since there is no option to disable the webcam in the BIOS on this model. You can alternatively create a passphrase user account (not using the USB token for the key) to work around the issue. If you are having issues with current version of the Encryption product still on your model. Please contact Symantec Support.

- Test with an external USB powered hub

- Make sure you have the latest version of the middleware client (e.g. RSA Secure Authentication Client or SafeNet Authentication client)

- Another possible workaround:

Try disabling the problematic USB device using HOWTO84077 (see the related articles section) as a reference.


Applies To

Known hardware affected:
Workaround available (see below in solution):
·         Dell Latitude models: E6320*, E5530, E6230, E6330, and E6430**
·         Dell XPS 14
·         Dell Vostro models: 3500, v131 **
No workaround available at this time:
·         Dell XPS L702x
·         Dell Precision M6500
·         Lenovo Thinkpad SL410
Known windows platforms affected:
·         Windows XP SP3 Professional
·         Windows 7 32-bit and 64-bit SP1
Known USB tokens affected (maybe others):
·         RSA SID800
·         Aladdin eToken
* = This hardware is confirmed to work with Symantec Encryption Desktop 10.3.0 MP1 or newer (as long as you are using RSA Authentication Client version 3.5.5 or a newer SafeNet Authentication Client version)
** = This hardware will be confirmed to work in an upcoming Symantec Encryption Desktop release (as long as you are using RSA Authentication Client version 3.5.5 or a newer SafeNet Authentication Client version)