cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

Smartcard FDE pre-boot authentication

Hi guys,

Does anyone have experience with using a smartcard to unlock the pre-boot of Sandblast FDE?

I've enabled the feature in the end-point console, when entering my smartcard it switches the login screen to enter my PIN. However when I enter the PIN it does not unlock.

The smartcard has a user certificate on it to authenticate on Windows, which is working fine. 

I don't have that much experience with smartcards and CheckPoint so I was wondering if I need a specific certificate (like EFS) or that any of you have any experience using this.

I would also think that the driver is correct because it switches to the PIN and when I use another type of smartcard it does not switch, so cannot read the smartcard.

Any help would be appreciated!

3 Replies
Admin
Admin

Re: Smartcard FDE pre-boot authentication

In older versions (ones no longer supported), there was a bug with PINs of a certain length.

Not sure that's still relevant.

It's probably a good idea to involve the TAC in this.

0 Kudos

Re: Smartcard FDE pre-boot authentication

Thanks for the response, this however is not an older version and the pin is only 4 digits in lenght for testing.

We'll probably need TAC but I have some great experiences with this community and was hoping for the small simple remark that will point is in the right direction. My guess is that this is something simple that we are overlooking.

0 Kudos
Admin
Admin

Re: Smartcard FDE pre-boot authentication

I'll see if I can get an expert in this area to comment Smiley Happy

0 Kudos