This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
BrandonPhelan
Beginner
Beginner
‎2016-06-07 12:28 PM

SecurID asking for "device password" (one was never set)

Jump to solution

So I built a Windows 10 image for my company and included the RSA SecurID software in the image (I installed the software under the built-in Administrator account and did not configure anything in it).  Then I used Sysprep to generalize the image and then I captured it to a .wim file.

 

After deploying the .wim file to a company laptop using SCCM (which automatically joins the laptop to the domain), I logged into a domain account.  When I opened SecurID, it prompted me for a device password.  The exact error was

 

"The token database on your hard drive is protected by a password"

 

The thing is...I never set a password.  I eventually fixed the issue by uninstalling and reinstalling the software while logged into a domain account.  But this still doesn't explain why the issue happened in the first place.  This is extremely frustrating.

 

Any help or insight is greatly appreciated.

 

Thank you,

Brandon

0 Likes
Reply
1 Solution

Accepted Solutions
JayGuillette
Apprised Contributor Apprised Contributor
Apprised Contributor
‎2016-06-07 04:41 PM

Jump to solution

If you did not put a Password on the Soft Token when you distributed it, or if you do not have a token imported yet, Then this password prompt really means Windows cannot figure out the decryption of the Token database, which by default is based on some specifics to that Windows platform, including some registry entries, which are no longer the same after Sysprep generalizes the PC.  You might get lucky following Knowledge Base KB article - 32832 | How to disable device password on the windows software token application 4.1, which you could find on this site, but the 'fix' in this KB is to Create a DWORD entry DisableSetDevicePassword with data value of 1 under

     Registry Location: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\RSA\Software Token

View solution in original post

Reply
2 Replies
BrandonPhelan
Beginner
Beginner
‎2016-06-07 12:58 PM

Jump to solution

Problem solved by deleting the database file named RSASecurIDStorage under the "C:\Users\Default\AppData\Local\RSA\RSA SecurID Software Token Library”

 

Apparently Sysprep corrupts the database.  By deleting the database on the default user account before logging in as any domain user, this problem gets solved.

Reply
JayGuillette
Apprised Contributor Apprised Contributor
Apprised Contributor
‎2016-06-07 04:41 PM

Jump to solution

If you did not put a Password on the Soft Token when you distributed it, or if you do not have a token imported yet, Then this password prompt really means Windows cannot figure out the decryption of the Token database, which by default is based on some specifics to that Windows platform, including some registry entries, which are no longer the same after Sysprep generalizes the PC.  You might get lucky following Knowledge Base KB article - 32832 | How to disable device password on the windows software token application 4.1, which you could find on this site, but the 'fix' in this KB is to Create a DWORD entry DisableSetDevicePassword with data value of 1 under

     Registry Location: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\RSA\Software Token

Reply
© 2022 RSA Security LLC or its affiliates. All rights reserved.