How to reset your SSO secret

If you are getting many errors in the EventLog related to the SSO like this. (you will also have issues deploying or viewing the SSO data):
Cannot perform encryption or decryption because the secret is not available from the master secret server.
Screenshot of EventLog entry
Then you need to reset your SSO master secret.


Open an admin command prompt
Change directory to C:\Program Files\Common Files\Enterprise Single Sign-On
Look for any *.bak in the folder to get the current backup of the secret. It should be something like SSO478AD.bak
Then enter the command: ssoconfig -restoresecret SSO478AD.bak
You should see output like this:
Password reminder : <your reminder here>
Password : *******
The operation completed successfully.


If you can't find any *.bak file in the folder or you don't recall what your password is, then unfortunately you have no choice but to un-configure and reconfigure BizTalk.
So some tips are: ALWAYS backup the secret and make the Password Reminder REALLY obvious.