New Web Email Protection or PDF Email Protection account is immediately locked out
search cancel

New Web Email Protection or PDF Email Protection account is immediately locked out

book

Article ID: 230526

calendar_today

Updated On:

Products

Encryption Management Server Gateway Email Encryption PGP Command Line PGP Encryption Suite PGP Key Management Server PGP Key Mgmt Client Access and CLI API PGP SDK Desktop Email Encryption Drive Encryption Endpoint Encryption File Share Encryption

Issue/Introduction

If a new PGP Encryption Server (Symantec Encryption Management Server) Web Email Protection or PDF Email Protection user enters their passphrase incorrectly multiple times and is locked out, the PGP Server administrator can unlock the external user account or reset its passphrase using the administration console.

If the external user continues to experience problems logging in, the user may request that their account is deleted. The next time an internal user sends the external user an email, the account is created again automatically.

However, the external user finds that their newly created account is still locked out.

Environment

PGP Encryption Server release 10.5 MP2 and below.

Resolution

Upgrade to release 10.5 MP3 or above.

In release 10.5 MP2 and below, the passphrase history of an external user is retained when a new external user with the same email address is created. This means that even if an external user account is deleted, a new account with the same email address will inherit the passphrase history of the deleted account. If the deleted account was locked out, so will the new account.

Starting in release 10.5 MP3, when a new external user account is created, the passphrase history of any account with the same email address is cleared automatically.

Additional Information

EPG-24709