This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
  • RSA.com
  • Home
  • Advisories
    • SecurID
    • SecurID Governance & Lifecycle
  • Documentation
    • SecurID
      • Authentication Agents
        • API / SDK
        • Apache Web Server
        • Citrix StoreFront
        • IIS Web Server
        • MFA Agent for macOS
        • MFA Agent for Windows
        • Microsoft AD FS
        • Microsoft Windows
        • PAM
      • Authentication Engine
      • Authentication Manager
      • Cloud Authentication Service
      • Hardware Appliance
        Component Updates
      • Hardware Tokens
      • Integrations
      • SecurID App
      • SecurID Authenticator for macOS
      • SecurID SDK
      • Software Tokens
        • Android
        • iOS
        • macOS
        • Token Converter
        • Windows
    • SecurID Governance & Lifecycle
    • Technology Partners
  • Downloads
    • SecurID
      • Authentication Agents
        • API / SDK
        • Apache Web Server
        • Citrix StoreFront
        • IIS Web Server
        • MFA Agent for macOS
        • MFA Agent for Windows
        • Microsoft AD FS
        • Microsoft Windows
        • PAM
      • Authentication Engine
      • Authentication Manager
      • Cloud Authentication Service
      • Hardware Appliance
        Component Updates
      • Hardware Tokens
      • Integrations
      • SecurID Authenticator for macOS
      • Software Tokens
        • Android
        • iOS
        • macOS
        • Token Converter
        • Windows
    • SecurID Governance & Lifecycle
  • Community
    • SecurID
      • Blog
      • Discussions
      • Events
      • Idea Exchange
      • Knowledge Base
    • SecurID Governance & Lifecycle
      • Blog
      • Discussions
      • Events
      • Idea Exchange
      • Knowledge Base
  • Support
    • Case Portal
      • Create New Case
      • View My Cases
      • View My Team's Cases
    • Community Support
      • Getting Started
      • News & Announcements
      • Ideas & Suggestions
      • Community Support Articles
      • Community Support Forum
    • Product Life Cycle
    • Support Information
    • General Security Advisories
  • Education
    • Blog
    • Browse Courses
      • SecurID
      • SecurID Governance & Lifecycle
    • Certification Program
    • New Product Readiness
    • Student Resources
Sign In Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
  • SecurID Community
  • :
  • Products
  • :
  • SecurID
  • :
  • Discussions
  • :
  • SecurID asking for "device password" (one was never set)
  • Options
    • Subscribe to RSS Feed
    • Mark Topic as New
    • Mark Topic as Read
    • Float this Topic for Current User
    • Bookmark
    • Subscribe
    • Mute
    • Printer Friendly Page
BrandonPhelan
BrandonPhelan Beginner
Beginner
‎2016-06-07 12:28 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

SecurID asking for "device password" (one was never set)

Jump to solution

So I built a Windows 10 image for my company and included the RSA SecurID software in the image (I installed the software under the built-in Administrator account and did not configure anything in it).  Then I used Sysprep to generalize the image and then I captured it to a .wim file.

 

After deploying the .wim file to a company laptop using SCCM (which automatically joins the laptop to the domain), I logged into a domain account.  When I opened SecurID, it prompted me for a device password.  The exact error was

 

"The token database on your hard drive is protected by a password"

 

The thing is...I never set a password.  I eventually fixed the issue by uninstalling and reinstalling the software while logged into a domain account.  But this still doesn't explain why the issue happened in the first place.  This is extremely frustrating.

 

Any help or insight is greatly appreciated.

 

Thank you,

Brandon

  • Tags:
  • Community Thread
  • Discussion
  • Forum Thread
  • RSA SecurID
  • RSA SecurID Access
  • SecurID
0 Likes
Share
Reply
  • All forum topics
  • Previous Topic
  • Next Topic
1 Solution

Accepted Solutions
JayGuillette
Apprised Contributor JayGuillette Apprised Contributor
Apprised Contributor
‎2016-06-07 04:41 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Jump to solution

If you did not put a Password on the Soft Token when you distributed it, or if you do not have a token imported yet, Then this password prompt really means Windows cannot figure out the decryption of the Token database, which by default is based on some specifics to that Windows platform, including some registry entries, which are no longer the same after Sysprep generalizes the PC.  You might get lucky following Knowledge Base KB article - 32832 | How to disable device password on the windows software token application 4.1, which you could find on this site, but the 'fix' in this KB is to Create a DWORD entry DisableSetDevicePassword with data value of 1 under

     Registry Location: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\RSA\Software Token

View solution in original post

1 Like
Share
Reply
2 Replies
BrandonPhelan
BrandonPhelan Beginner
Beginner
‎2016-06-07 12:58 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Jump to solution

Problem solved by deleting the database file named RSASecurIDStorage under the "C:\Users\Default\AppData\Local\RSA\RSA SecurID Software Token Library”

 

Apparently Sysprep corrupts the database.  By deleting the database on the default user account before logging in as any domain user, this problem gets solved.

3 Likes
Share
Reply
JayGuillette
Apprised Contributor JayGuillette Apprised Contributor
Apprised Contributor
‎2016-06-07 04:41 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Jump to solution

If you did not put a Password on the Soft Token when you distributed it, or if you do not have a token imported yet, Then this password prompt really means Windows cannot figure out the decryption of the Token database, which by default is based on some specifics to that Windows platform, including some registry entries, which are no longer the same after Sysprep generalizes the PC.  You might get lucky following Knowledge Base KB article - 32832 | How to disable device password on the windows software token application 4.1, which you could find on this site, but the 'fix' in this KB is to Create a DWORD entry DisableSetDevicePassword with data value of 1 under

     Registry Location: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\RSA\Software Token

1 Like
Share
Reply
Powered by Khoros
  • Blog
  • Events
  • Discussions
  • Idea Exchange
  • Knowledge Base
  • Case Portal
  • Community Support
  • Product Life Cycle
  • Support Information
  • Customer Success
  • About the Community
  • Terms & Conditions
  • Privacy Statement
  • Provide Feedback
  • Employee Login
© 2022 RSA Security LLC or its affiliates. All rights reserved.