Changing the User Pre-boot Authentication Settings

By default, users get the Pre-boot authentication method from the global Pre-boot Authentication Settings. You can assign custom authentication settings to users on the User Details page. You can also assign a user password and manually add user certificates on this page.

On R77.20 and higher Endpoint Security Management Servers and E80.51 and higher clients, you can assign Dynamic Token as a user's authentication method.

To change a user Pre-boot authentication method:

1. Double-click a user in the tree.
2. In the User Details window, select User Authentication (OneCheck).
3. Click Pre-boot Authentication Method.
4. Click Use specific Pre-boot Authentication Method for this user.
5. Select an authentication method:
   • Password - This user can only authenticate with a username and password.
   • Smart Card - This user can only authenticate with a Smart Card.
   • Either Smart Card or Password - This user can authenticate with user name and password or a Smart Card.
   • Dynamic Token - This user can only authenticate with the password from a dynamic token.
6. If you select Smart Card, we recommend that you select
   Change authentication method only after user successfully authenticates with a Smart Card

   This lets users authenticate with a password until all of the requirements for Smart Card authentication are set up correctly. After users successfully authenticate one time with a Smart Card, they must use their Smart Card to authenticate. If you configure a user for Smart Card only and do not select this, that user is not able to authenticate to Full Disk Encryption with a password.

   Select one or more Smart Card drivers.

7. If you select Dynamic Token, click Select token. The user can only authenticate with the selected token. See Managing Dynamic Tokens.
   • Select a token from the list or click Add or Import to add a new token.
   • Click OK.
8. Click OK.
9. On the User Authentication (OneCheck) page:
   • For Password authentication - You can enter a User Password or Change Password.
   • For Smart Card authentication - In the User Certificates area, make sure the user has a valid certificate to use with the Smart Card. If a certificate is not shown, you can click Add to import a certificate.