Certain special characters do not work properly unless escaped when used via Symantec Drive Encryption (previously PGP Whole Disk Encryption) Command Line
Last Updated June 27, 2014
When you run the pgpwde --add-user or pgpwde --secure command at a Microsoft Windows command prompt, the passphrase is accepted when entered as input on the Command Line, but the passphrase fails to authenticate successfully at the pre-boot authentication (BootGuard) prompt. The same complex passphrase may work correctly on the Symantec Encryption Desktop (previously PGP Desktop) graphical user interface.
Note: The PGP product line has been renamed. For a detailed map of old product names to new ones, refer to the Symantec Knowledgebase article TECH197084.
Authentication failed: "Incorrect passphrase"
Environment: Microsoft Windows command prompt
The passphrase authentication fails when you enter certain special characters using Command Line, without the escape character. These special characters are not saved properly on the hard disk used for Drive Encryption. This causes the user authentication failure even when the correct passphrase is entered at the pre-boot authentication prompt.
A few special characters are interpreted differently when used in the Windows command prompt. Hence, you should precede the caret (^) escape character with the '&' and '>' characters at the Windows command prompt. However, using the Caret character does not solve the issue if a passphrase has double quotes in it.
For a complex passphrase, such as p3@nutbutt3r&jelly>h@m&cheese, the Caret character should precede the '&' and '>' characters as follows:
Note: The same complex passphrase may work correctly without the use of the Caret character on the Symantec Encryption Desktop graphical user interface.
Shell special characters fail to authenticate if not escaped.
Imported Document ID: TECH208058
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe