If you do not require Pre-boot, users go straight to the Windows login. Because this makes the computer less secure, we recommend that you require Pre-boot authentication in some scenarios.
To temporarily require Pre-boot:
Option |
Description |
||
More than X failed logon attempts were made |
If a user's failed logon attempts exceed the number of tries specified, Pre-boot is required. The computer automatically reboots and the user must authenticate in Pre-boot. |
||
The hard disk is not used by the original computer (hardware Hash) |
If selected, the client generates a hardware hash from identification data found in the BIOS and on the CPU. If the hard drive is stolen and put in a different computer, the hash will be incorrect and Pre-boot is required. The computer reboots automatically, and the user must authenticate in Pre-boot. Warning: Clear this option before you upgrade BIOS firmware or replace hardware. After the upgrade, the hardware hash is automatically updated to match the new configuration. |
||
The computer cannot reach any of the configured locations |
To make sure that the client is connected to the correct network, the computer pings a defined number of IP addresses during the boot process. If none of the IP addresses replies in a timely manner, the computer might have been removed from the trusted network and Pre-boot is required. The computer reboots automatically and the user must authenticate in Pre-boot. |
||
Before Pre-boot authentication is required, show this message |
Enter a message to display to the user if a configured condition is met and Pre-boot is required. For example, to call the Help Desk if the Pre-boot window opens. |
||
Note - If a dynamic event fails, such as a Network Location Awareness Verification, the computer will not be able to reach configured locations. |