Disable HP Client Security’s Password Manager

I already use a password manager, and I don’t want to use HP’s.  Yet because I installed HP Client Security, I’m bombarded with notifications to install an addon that isn’t properly supported just because I want to use disk encryption and a fingerprint reader.  There’s no good solutions out there (HP forum says “uninstall our software”), so I poked around with Process Monitor and “fixed” it myself.

Head’s up: I’m going to talk about the how and what, but if you just want the fix, scroll down to the end.

The How and What

I figured that since HP Client Security tracks where and when and what it hooks into, and doesn’t use any (obvious) config files, that it probably stores that data in the registry.  Process Monitor, for those who don’t know, is a SysInternals tool that lets you see everything that every application is doing with (practically) every aspect of your system, including every registry access.  Within a long, long chain of registry accesses, I came across a query for HKEY_CURRENT_USER\Software\DigitalPersona\Applications\OTAppSettings\BrowserIntegration\firefox_notice, which doesn’t exist normally.  Creating this key (type: REG_SZ) and setting its value to 0 (yes, the string) seems to disable the prompt, but if that alone isn’t enough, HKEY_CURRENT_USER\Software\DigitalPersona\Applications\OTAppSettings\BrowserIntegration\firefox_integ = "-1" and HKEY_CURRENT_USER\Software\DigitalPersona\Applications\OTAppSettings\IntegrateWithFirefox = dword:00000000 also control browser integration logic.  I only have Firefox installed, but I would guess that similar keys exist for Chrome.

The next annoying bit for me to sort out was the nagging message in the HP Client Security application telling me that their password manager wasn’t running my life.  Another dive into Process Monitor found me HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\DigitalPersona\DPPT\Plugins\ClientConsole\MyIdentity\DigitalPersona.PasswordManager\ShowAsTool, which if set to dword 1 removes this item from the main menu.  It does, however, add it to that little toolbar in the top right corner (but only on some pages for some reason), but at least it’s not shouting at my face.

The last bit was the most fulfilling.  When I used to use HP ProtectTools (the predecessor to HP Client Security), I could configure my fingerprint reader to lock my laptop, but I couldn’t find an option to change this from the default, which is (of course) to launch the password manager.  Some more poking around (I adore Process Monitor) led me to HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\DigitalPersona\Applications\OTAppSettings\QuickActions\Finger, which has at least the valid options of OTM (password manager) and LockWorkstation (self-explanatory).  Not a big library, but it does what I need!

The Fixes

I compiled my fixes into three .reg files.  They change as little as possible (to my knowledge) and remove the password manager feature.

HP Password Manager Fixes

The linked .zip file contains disable_pwmgr_notif.reg, which removes that nagging bubble for Firefox; finger_locks_ws.reg, which replaces the finger swipe action with “lock workstation”; and hide_pwmgr_tool.reg, which moves the “password manager not configured” notification into the toolbar.

Leave a Reply

Your email address will not be published. Required fields are marked *