|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
12-29-2006
| #1 (permalink) |
| | Bitlocker and Smartcard authentification Hello, our technical account manager suggested to me to look into Bitlocker as a possible reason to do on early migration for notebooks. We do currently use Safeguard Easy and Safeboot for driveencryption. These products allow the use of smartcards and Aladdin tokens to authenticate both against the drive encryption prior to the O/S-boot and against the operation system at logon. For several reasons, I would prefer a smartcard-authentification over the current TPM/Pin-system. Among these reasons are: - Our current standard laptops have no TPM, and we use them for appx. 4 years based on our accounting procedures. Thus, changing to a TPM-bearing model would change our hardwarebase over a period of more than 4 years. - Our notebooks are often pooled among several users. The current authentification procedure authentificates single users and allows us to differentiate which notebook belongs to which pool, as each user has 2 factors which are unique to him, and we can allow one or more credentials on each machine. The TPM-based approach sets a common factor: Posession of the chassis with the TPM which is the "posession factor" and a common secret which all pooling employees share among them. The TPM-based approach is more designed with the idea of dedicated machines in mind. Is there a chance that a smartcard-operated authentification might be implemented into the security system of Bitlocker? Regards, Detlev |
My System Specs |
|
12-29-2006
| #2 (permalink) |
| | Re: Bitlocker and Smartcard authentification In article <uwr2N$5KHHA.3564@TK2MSFTNGP02.phx.gbl>, in the microsoft.public.windows.vista.security news group, Detlev Rackow <detlev.rackow@gmx.de> says... > Is there a chance that a smartcard-operated authentification might be > implemented into the security system of Bitlocker? > Not any time soon, no. -- Paul Adare - MVP Virtual Machines Waiting for a bus is about as thrilling as fishing, with the similar tantalisation that something, sometime, somehow, will turn up. George Courtauld |
| My System Specs |
|
01-23-2007
| #3 (permalink) |
| | Re: Bitlocker and Smartcard authentification Smart cards can be used in Vista for logon and for EFS encryption. A combination of these features may be a solution to consider for your laptops. Here's an overview that might be helpful: http://www.microsoft.com/technet/win...ata.mspx#EGJAC Thanks. Pat -- This posting is provided "AS IS" with no warranties, and confers no rights. "Paul Adare" wrote: > In article <uwr2N$5KHHA.3564@TK2MSFTNGP02.phx.gbl>, in the > microsoft.public.windows.vista.security news group, Detlev > Rackow <detlev.rackow@gmx.de> says... > > > Is there a chance that a smartcard-operated authentification might be > > implemented into the security system of Bitlocker? > > > > Not any time soon, no. > > -- > Paul Adare - MVP Virtual Machines > Waiting for a bus is about as thrilling as fishing, > with the similar tantalisation that something, > sometime, somehow, will turn up. George Courtauld > > |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Authentification problem | Vista networking & sharing | |||
| Authentification mystery - XP Pro SP3 + Vista Ult 64 SP1 | Vista networking & sharing | |||
| LEAP AUTHENTIFICATION WITH VISTA | Vista networking & sharing | |||
| LDAP user authentification | PowerShell | |||
| BitLocker: SmartCard support? | Vista security | |||
