Secure Token Broken when Password Changed

Recently, there have been numerous instances where users change their passwords and later discover, typically a month afterward when attempting a Software Update, that they can't proceed. Users often assume their password is incorrect because, during the Software Update process, they receive no error message, only a notification that their access is denied when entering their password.


Repairing a secure token requires the credentials of a user with a valid token and the credentials of the affected user. Consequently, we can only fix a secure token when physically present at the machine and with the user in attendance. This requirement becomes quite restrictive when managing hundreds of users.


There is also no method to verify whether the secure token is corrupted. You can only check if the secure token exists. This limitation further complicates the resolution process.


Is there not a better way?


Posted on Aug 19, 2025 04:23 PM

3 replies

Aug 21, 2025 09:57 AM in response to Sikosis

Sikosis wrote:

Ah, I probably should have mentioned that they are connected via Active Directory, which means the password change can be performed through various methods that do not involve the Mac.





James Brickley has some interesting comments here—


MacOS bound to Active Directory will not allow AD account to login after reboot 


