Unable to use WDE Admin Passphrase on Encrypted Disk


Article ID: 158841


Updated On:


Drive Encryption Encryption Management Server


When attempting to use the WDE Admin passphrase on an encrypted disk, authentication fails with the error Incorrect passphrase. However, when verifying the passphrase using the pgpwde --auth command, the passphrase is verified successfully.

Incorrect passphrase


 This issue may be caused by corrupt Consumer Policy settings in Symantec Encryption Server. 


Use the following steps to resolve this issue

  1. On Symantec Encryption Management Server,  click Consumer > Consumer Policy.
  2. Create a new consumer policy by cloning the existing policy which has the WDE Admin passphrase option configured by clicking Add Policy.
  3. Then in the Clone From menu, select the existing policy with the settings you would like to use as a starting point for the new policy.
  4. In the Policy Name field, type a name for the policy you are creating and then click Save.
  5. Edit the new policy settings where appropriate and include the option for the WDE Admin passphrase option.
  6. Click the old policy which includes the WDE Admin option and then select the Reset to Factory Defaults option at the bottom of the window.
  7. Once the policy is reset to factory default settings, configure all the settings from the existing production policy. This includes the WDE Admin passphrase option.
  8. Once the policy is configured apply this policy either existing production group or a TEST group to check and confirm the WDE admin passphrase functionality.
  9. If clients are not updating correctly with new policy, then re-enroll the client to download new policy from server. See the following article for more information. 


Applies To

Symantec Encryption Desktop (10.3.0)

Microsoft Windows 7