This article explains how to change a PGP Whole Disk passphrase via Terminal for Mac OS X.
To change the passphrase to a PGP Whole Disk Encryption user:
Option 1 - Change the passphrase of a user when existing passphrase is known:
Step 1 - Run the following command:
pgpwde --list-user --disk x (where x is the disk number in question. Typically the boot disk is disk 0)
Make note of the Name of the user, as well as if the user has a "domain" associated to the user. If there is no domain listed, the --domain argument is not needed in any further commands. If there is a domain, the --domain argument will be necessary, followed by the domain listed in quotes. For Mac systems, the domain field is typically the hostname of the Mac computer.
CAUTION: If a system hostname has special characters in it, such as "Bob's MacBook Pro", for DNS, the apostrophe character is removed as this is an unsupported character, however the pgpwde utility will convert this into a character that may not be possible to be typed via Terminal as it may be using a form of unicode characters. If this is the case, copy and paste the domain name into the command using command+c (copy), and command+v (paste). This should allow the command to complete successfully.
Step 2 - Type the following command all as one command:
When prompted to "Enter passphrase", just press enter to skip to the "Enter Admin passphrase" prompt. Enter the WDRT here.
No text is seen when entering the passphrase here, so it may be difficult or take multiple attempts to successfully change the passphrase of an existing user with a WDRT.
TIP: When entering the WDRT, it is possible to enter the string with or without the dashes.
NOTE: When using WDRTs, as soon as the client is able to communicate with the server, a new WDRT will be sent to the server, even if the previous command did not perform what was intended. In other words, it may be necessary in testing to check the server to ensure the WDRT that is being used, is still valid and can be used to authenticate.
TIP: Starting with 10.3.0 MP3 (Build 9307), using a WDRT via the UI will allow a user to change his/her passphrase. This was not possible with previous versions (etrack 3146228). To do so, follow these steps:
1. Open Symantec Encryption Desktop.
2. Click on the encrypted drive under "PGP Disk", the users will be displayed.
3. Right-click (ctrl+click) on the user which passphrase needs to be changed, and click "Change User Passphrase...".
4. In the passphrase prompt field, enter the WDRT for the user's disk and click OK.
5. The "Create New Whole Disk User" prompt will appear. Enter a new passphrase for the user and click "OK". This will change the passphrase of the existing user.
Imported Document ID: TECH161944
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.