Certify Password Reset before Switching to FIPS



To change the local security policy to FIPS, in a machine where Certify is installed. Perform the following steps as a local administrator:
 
1)   Click Start --> Local Security Policy
2)   Navigate to Local Policies --> Security Options --> System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing
 
NOTE: The following steps must be performed to reset the admin password. The default admin password is hashed using an older algorithm. The password must be reset before switching to FIPS mode.
 
1)   Switch the machine to non-FIPS mode.
2)   Login with a admin user.
3)   Click on Tools --> Reset My Password to reset password.
4)   Switch machine back into FIPS mode (described in #2 in previous section)

To allow older Worksoft Certify versions to run on a hardened Server, please change the registry value for FIPS as follows:

1. Open Registry Editor on your machine.
2. From the registry editor, expand HKEY_LOCAL_MACHINE.
3. Expand SYSTEM
4. Expand ControlSet001
5. Expand Control
6. Expand Lsa
7. Select FipsAlgorithmPolicy
8. Under FipsAlgorithmPolicy, modify "Enabled" from 1 to 0.
9. Refresh the registry editor, and then re-start Certify.

This will allow Certify 9.0.1 or older to run.