As most know, when using PGP to encrypt a hard drive, you enter your password at the boot screen and it will log you into Windows. After redeploying a laptop for a new user, PGP would not pass the new username thru to Windows. It would stop at the Windows credential prompt with an previously used username. After a fair amount of troubleshooting and research, it was determined the problem was with the TPM chip.

PGP can be configured to use password only or TPM and password to authenticate users. PGP on this laptop had been configured to use TPM and password. The TPM chip had become locked out by the previous user. Which prevented new users from accessing the TPM chip. So you could add a new user to PGP but it never would add the user to the TPM configuration and there was no error stating this.  Since the old user’s password was not available, it required deactivating the TPM chip. Before deactivating TPM, the administrator account being used changed to password only in PGP. If this change wasn’t made to the administrator account first, it would have locked out of PGP. TPM was deactivated and the laptop rebooted. TPM was reactivated and the laptop rebooted. The new user account was added back to PGP and rebooted again. This time PGP passed the username through to Windows without any problems.