With cryptographic tokens, the user is authenticated at the SafeGuard POA by the certificate
stored on the token. To log on to the system, users only have to enter the token
Note: Cryptographic tokens cannot be used for unmanaged endpoints.
You have to provide users with fully issued tokens. For further information, see
Configure token use.
Basic certificate requirements:
- Algorithm: RSA
- Key length: minimum 1024
- Key usage: data encipherment or key encipherment.
Note: In case of logon problems with a Kerberos token, neither Challenge/Response nor
Local Self Help is available for logon recovery. Only the Challenge/Response
procedure using Virtual Clients is supported. It enables users to regain access to
encrypted volumes on their endpoints.