Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

Password Manager - what if you forget both master and security questions???

SCN pals,

BACKGROUND
We have SAP Password Manager 2.0 SP 3.
We are on Windows7 enterprise SP1 on both 32bit and 64bit OS.
We have IE9 as our primary browser.

I have read the SAP Password manager guide here:
http://scn.sap.com/docs/DOC-40109
http://help.sap.com/download/sapsso/pwdmngr_impl_guide_en.pdf


ISSUE
We have a situation where end-users are forgetting BOTH their master password AND their security question/answer.  When that happens, the only thing I know to do is uninstall/re-install the Password Manager software.  Sure, they've lost all the websites USERID/passwords they stored, but at least they can begin to put them back again, and if they are lucky, they exported them at some point so we can import them.

Well, when you uninstall/reinstall, you are NOT prompted to create a new master password and new security questions!  it still wants the old ones that you CAN'T remember!

In the documentation that I referred to earlier, it says:
<page12 chapter 2.6 Removing Your Personal Data >
Removing Password Manager with the installer does not remove all user data and files.

Procedure
1.
Navigate to the installation directory.
The default installation directory is C:\Program Files\SAP\FrontEnd.

2.
Delete the signon directory.

3.
Open the Registry Editor.

4.
Delete the following keys:
HKEY_LOCAL_MACHINE\SOFTWARE\SAP\signon
HKEY_CURRENT_USER\Software\SAP\signon

I did all that.  And I restarted the PC multiple times.

Still, when I re-install the software, it still does not prompt you for a brand-new master password creation and new security question (answer).

It still wants the ones that you can't remember!!!

I think this is a bug.

I need to know where else the SAP Password manager is storing this stuff so I can delete it and allow my users to use this tool.

Yes...I already put in a message but I expect that'll take a few weeks....so maybe...maybe someone other than me actually uses this tool.

Thanks

NICK

replied

Hello Nick,

You are right. Personal data is stored by Password Manager in a data storage directory. You can read more about that in the "Data Storage Security" section of the Password Manager guide.

This directory by default is located under the user's personal directory on the file system:

"%APPDATA%\Roaming\SAP\signon\Softtoken"

If the directory is changed by the system administrator prio installation of Password Manager, you need to know where it is located for the user who forgot their master password and security question and answer.

In either case, you can delete this directory and start Password Manager again to create a new master password and security question and answer for the user.

Best regards,

Lyubomir Lalev

1 View this answer in context
Not what you were looking for? View more on this topic or Ask a question