When trying to decrypt keystroke logs in BCC there may be trouble using the password that was documented for the keystroke logs.

Resolution / Workaround

The old BoKS GUI, that came with BoKS v6.5, truncated the keystroke log passwords to 10 characters, so if a longer password was typed in and documented, only the first ten characters was actually used to set the encryption.

The solution would therefore be to type in the 10 first characters of the password in BCC when viewing keystroke logs.


If opted for when the certificate was created, the password should be stored in clear text in the .pin file, corresponding to the Keystroke Log Certificate, in $BOKS_data/sso_creds/ca_creds/keypkgs/

In BCC the password is truncated after 31 characters when creating a new Keystroke Log Encryption Certificate.

Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: June 28, 2019