-
Title
Offline Password Reset attempt fails with the error: "Invalid response code. Verify your response code and try again." -
Description
The Offline Password Reset tool fails with the following error:
Invalid response code. Verify your response code and try again.
The challenge and response codes are valid.
In the Password Manager logs, the similar log line to the following is found (note that lpszUserName is blank):
16:20:06.428 VERBOSE 5572 13640 localpasswordreset.ui.cpp:167 ShowLocalPasswordResetDialog lpszUserName=
The user's password can successfully be reset by scanning the QR code instead of using the full challenge code/response code method.
-
Cause
There are two scenarios where this issue arises:
- An attempt is being made to reset the password of any account other than the one that was last successfully logged into the workstation
- The workstation has the Interactive Logon: Do not display last user name policy set to Enabled either manually or via Group Policy.
When using the full challenge code/response code method, the Offline Password Reset utility reads the username from the last-logged-on user and uses this when attempting to reset the locally cached password. When using the QR code, the username is passed via a different method.
This issue is being tracked as a Produce Defect under Defect ID# 268648.
-
Resolution
RESOLUTION 1
Use the QR Code method to reset the user's password instead of the full challenge code/response code method
RESOLUTION 2
Set the Interactive Logon: Do not display last user name policy set to Disabled and only attempt to reset the password of the last-logged-on user.
STATUS
This Product Defect (268648) has been fixed in the latest available cumulative patch, you can get more information about it here:
Password Manager 5.9.5 cumulative hotfix (331767):
https://support.oneidentity.com/password-manager/kb/331767
-
Change Request
268648