ID Vault password authentication to a Domino 14.5.0 ID Vault server fails with error: Illegal Security function code
Daniel Nashed – 27 August 2025 19:59:53
Domino 14.5 introduced an ID Vault incompatibility with older client versions.
The issue is described in the following technote.
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0122915
If you are looking into upgrading and have older clients, you should leave your ID Vault server on 14.0 for now.
Domino 14.5 FP1 is planned to be shipped soon and will provide an option to keep the older algorithm.
Below is the current info from the technote. I will write up more information as soon we have 14.5 FP1 available.
But it would be expected to have a way to control if the new algorithm is used.
What is important: Once the ID is in the wrong format, an older client cannot access it any more.
If you have a current issue, you should open a support ticket.
Notes/Domino 14.5.0 released with a new, stronger, default algorithm setting used during the password authentication protocol to the ID Vault. This new default algorithm only has latent support in 14.0.x clients and servers.
Notes clients and Domino servers that are pre-14.0 do not have the latent support for the new 14.5.0 default algorithm setting used in the ID Vault password authentication transaction.
Therefore any ID Vault password authentication transaction consisting of one endpoint running pre-14.0 code and the other end 14.5.0 code could encounter the ID Vault password authentication failure "Illegal Security function code".
- Comments [0]
![[HCL Domino]](../lotus-domino.gif){kind=small}
![[Domino on Linux]](../domino-linux.gif){kind=small}
![[Nash!Com]](../nashcom.gif){kind=small}
![[Daniel Nashed]](../daniel-nsh.gif){kind=small}