Removing all fingerprints on the hardrive and upek reader
 

Problem Description:

Fingerprints are enrolled into EMBASSY that are not visible to remove within the EMBASSY Security Center program or the environment has changed causing enrolled fingerprints to become invalid for authentication.

Solution:

All fingerprints can be removed after logging in with a password instead of the biometric authentication. If you are not prompted for your password, please reference "Disabling the Wave Gina" to log on with a password. If you do not know or have a windows password, please contact your IT administrator for password assistance.

1. Reboot into Windows (XP or Vista)

2. Delete USC Folder

  • Vista: C:\Program Data\Wave Systems Corp.\UCS 2.0
  • XP: C:\Documents and Settings\All Users\Application Data\Wave Systems Corp\UCS 2.0

3. Clear Enrolled Fingerprints

  • Download http:\\Wave.com\Support\downloads\DeleteUsers.zip and unzip the file.
  • Drag the DeleteUsers.exe file and drag it into the following location:

    • X:\Program Files\Wave Systems Corp\Dell Preboot Manager

  • Double-click the file to run it. This will delete all enrolled fingerprints to the UPEK reader.

4. Clear the TPM - When the TPM is cleared, all the keys you previously had stored on your vault will be lost. You should create an archive of your TPM Keys before clearing the TPM. To recover your TPM keys, you will need to restore your keys from an archive.

  • Power off your computer, then turn on computer, during the startup screen, press F2 to go to the BIOS setup menu.
  • On the BIOS menu, see, using the arrow keys go to Security settings category, press the <Enter> key. Select TPM Activation and on the right side of the menu select Clear.
  • When the TPM gets cleared, the TPM Activation defaults to Deactivate, go to TPM Activation and select Activate.
  • You have just cleared the TPM hardware on the BIOS, now you save the configuration, by press <ESC> key, choose to Save/Exit, see, then the computer will be restarted.
  • Boot into Windows.

If the files referenced below are not found, proceed to step 5.

  • Delete C:\Documents and Settings\USERNAME\Local Settings\Application Data\.user_keys.dat
  • Delete C:\Windows\key_registry.dat
  • Delete C:\Program Files\Wave Systems Corp\Secure Storage Manager\data\am.dat. If you have a problem deleting this file, go to Control Panel-->Administrative Tools-->Services and stop the DataSvr Service. (Please note that am.dat is a hidden system folder. You may need to go to Tools-->File Options and choose the View tab. Make sure the checkbox next to “Hide protected operating system files (Recommended)” is empty.

5. Enroll fingerprints and enable the secure logon.

Download:

As referenced above in Step 3, the DeleteUsers.zip is located at

Http://wave.com/support/downloads/DeleteUsers.zip.

The deleteusers.zip tool only works on UPEK fingerprint readers.

Applies To:

This document applies to systems running Windows XP or VISTA.

 

Article ID: PBA-013
Last Reviewed: September 26, 2007
Revision: 1.00

 

Feedback on this article:
Did this article solve your problem? Yes No Partially I do not know yet
Comments:

 

Print Page
Increase Text
Decrease Text
          Copyright © 1997-2008 Wave Systems Corp. All rights reserved.