You are no longer prompted to enter your private key password every time that the private key is accessed after you upgrade your computer to Windows XP Service Pack 2

Article translations Article translations
Article ID: 890062 - View products that this article applies to.
Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:
256986 Description of the Microsoft Windows registry
Expand all | Collapse all

SYMPTOMS

You are no longer prompted to enter your private key password when strong private key protection functionality is set to high. This issue occurs after you upgrade your computer to Microsoft Windows XP Service Pack 2 (SP2), or after you install the hotfix that is described in the following article in the Microsoft Knowledge Base:
821574 Windows prompts you for your password multiple times when you use Outlook if strong private key protection is set to high
When strong private key protection functionality is set to high by using a software key in CryptoAPI, you are no longer prompted to enter your private key password every time that the private key is used to sign data, to encrypt data, or to decrypt data. You are only prompted to enter your private key password the first time that the private key is accessed.

CAUSE

This issue occurs because of a change in the functionality of Windows XP SP2. This change in functionality is documented in the Microsoft Knowledge Base article 821574 that is listed in the Cause section.

WORKAROUND

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

To work around this issue, add the PrivKeyCacheMaxItems registry entry to the following registry subkey, and then set the registry entry to 0 (zero):
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Cryptography
To do this, follow these steps:
  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate and then click the following registry subkey:
    HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Cryptography
  3. On the Edit menu, point to New, and then click DWORD Value.
  4. Type PrivKeyCacheMaxItems, and then press ENTER.
  5. Right-click PrivKeyCacheMaxItems, and then click Properties.
  6. Type 0 in the Value data box, and then click OK.
  7. Quit Registry Editor.

Properties

Article ID: 890062 - Last Review: September 2, 2005 - Revision: 3.2
APPLIES TO
  • Microsoft Windows XP Professional Service Pack 2 (SP2)
  • Microsoft Windows XP Home Edition SP2
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Home Edition
Keywords: 
kbpending kbbug kbtshoot KB890062

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com