Subscribe to PortalGuard's Quarterly Newsletter for News & Updates on the Latest Release! Click to Subscribe

Disable PortalGuard's Desktop 2FA After Installation

Problem

You have recently installed the PortalGuard Desktop for Two Factor Authentication (2FA) and need to temporarily disable this functionality on a specific machine.

Solution

Rename the registry keys associated with this feature to temporarily remove the Desktop 2FA feature. 

How to Update the Registry to Disable the Desktop 2FA Feature

  1. Login to the Client Machine OR Access the Registry remotely
    • To login, you will need to login as an account that utilizes a security policy without Desktop 2FA required OR has enrolled for Desktop 2FA previously.
    • If you are unable to login to the client machine with a domain account: You will need to reboot the machine and start in 'Safe Mode'.  This will allow you to login as the Local Administrator account.
  2. Open Regedit.exe as Administrator
  3. Navigate to:
    • HKEY_LOCAL_MACHINE --> SOFTWARE --> Microsoft --> Windows --> CurrentVersion --> Authentication --> Credential Providers
  4. Locate the following key value:
    • {2c180047-cfca-4eb2-b515-3f6e6eca9a03}
  5. Rename this key by adding an "_" to the end of the name.  It should look like this:
    • {2c180047-cfca-4eb2-b515-3f6e6eca9a03}_
      • If you receive an error here, be sure that you are running Regedit as Administrator, otherwise you will not be able to rename the key.
  6. Navigate to:
    • HKEY_LOCAL_MACHINE --> SOFTWARE --> Microsoft --> Windows --> CurrentVersion --> Authentication --> Credential Provider Filters
  7. Locate the following key value:
    • {2c180047-cfca-4eb2-b515-3f6e6eca9a03}
  8. Rename this key by adding an "_" to the end of the name.  It should look like this:
    • {2c180047-cfca-4eb2-b515-3f6e6eca9a03}_
  9. Close Regedit
  10. Reboot the machine and you may now login to Windows normally

REV. 04/2018 | PortalGuard

  • 28
  • 18-Apr-2018
  • 297 Views