Compaq 516 HP ProtectTools - Windows Vista and Windows XP

Compaq 516 - Notebook PC Manual

Get Compaq 516 - Notebook PC PDF manuals and user guides View all Compaq 516 manuals
Add to My Manuals
Save this manual to your list of manuals

Compaq 516 manual content summary:

  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 1
    HP ProtectTools User Guide
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 2
    to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 3
    access from internal or external locations 6 Creating strong password policies 7 Additional security elements ...8 Assigning security roles ...8 Managing HP ProtectTools passwords 8 Creating a secure password 10 Backing up and restoring HP ProtectTools credentials 10 Backing up credentials and
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 4
    Single Sign On 25 3 Drive Encryption for HP ProtectTools (select models only) Setup procedures ... TPM-protected password (select models only 28 Encrypting or decrypting individual drives 28 Backup and recovery Deleting a Privacy Manager Certificate 35 Restoring a Privacy Manager Certificate 36
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 5
    one asset 56 Manually shredding all selected items 57 Manually activating free space bleaching 57 Aborting a shred or free space bleaching operation 57 Viewing the log files ...58 6 BIOS Configuration for HP ProtectTools General tasks ...60 Accessing BIOS Configuration 60 Viewing or changing
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 6
    encrypted e-mail 71 Changing the Basic User Key password 72 Advanced tasks ...72 Backing up and restoring 72 Creating a backup file 72 Restoring certification data from the backup file 72 Changing the owner password 73 Resetting a user password 73 Enabling and disabling Embedded Security 73
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 7
    the Trusted Platform Module (TPM) embedded security chip is installed. HP ProtectTools software modules may be preinstalled, preloaded, or available for download from the HP Web site. Visit http://www.hp.com for more information. NOTE: The instructions in this guide are written with the assumption
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 8
    for HP ProtectTools ● BIOS Configuration provides access to power-on user and administrator password management. ● BIOS Configuration provides an alternative to the pre-boot BIOS configuration utility known as Computer Setup. ● BIOS Configuration enablement of automatic DriveLock support, which
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 9
    (TPM) embedded security chip to help protect against unauthorized access to sensitive user data or credentials stored locally on a PC. ● Embedded Security allows creation of a personal secure drive (PSD), which is useful in protecting user file and folder information. ● Embedded Security supports
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 10
    mode to view information, but you cannot make changes. 2. In the left pane, click HP ProtectTools, and then click Getting Started. 3. Click the Security Manager Setup button, located directly below the HP ProtectTools shield icon, to launch the Security Manager Wizard. The following page is
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 11
    ● The wizard guides Windows operating system administrators through the configuration powerful features, click the module icon. NOTE: After you have configured the Credential Manager module, you can also open HP ProtectTools by logging on to Credential Manager directly from the Windows logon screen
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 12
    by the Embedded Security for HP ProtectTools module, encrypts sensitive a contract auditor is working onsite and has been given computer access to review sensitive financial data; you business PC presents a very tangible risk to corporate network resources such as information from financial services
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 13
    stored locally on a PC using the following procedures: ◦ Embedded Security "Setup procedures on page 69" ◦ "Using the Personal Secure Drive on page 71" ● Using the following procedures, Credential Manager for HP ProtectTools helps ensure that an unauthorized user cannot get passwords or access to
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 14
    regular users or administrators. HP ProtectTools password Set in this HP ProtectTools Function module Credential Manager logon password Credential Manager Credential Manager recovery file Credential Manager, by IT password administrator Basic User Key password Embedded Security NOTE: Also
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 15
    access to the Computer Setup utility. Power-on password BIOS Configuration Protects access to the computer contents when the computer is turned on, restarted, or restored from hibernation. Windows Logon password Windows Control Panel Can be used for manual logon or saved on the Java Card
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 16
    , such as an e-mail, on the computer. ● Do not share accounts or tell anyone your password. Backing up and restoring HP ProtectTools credentials To back up and restore credentials from all supported HP ProtectTools modules, reference the following: Backing up credentials and settings You can back up
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 17
    Windows XP, click Start, and then click HP ProtectTools Security Manager. NOTE: In Windows Vista, you must launch the HP ProtectTools Security Manager for Administrators to make changes. After logging on to Credential Manager, you can register additional credentials, such as a fingerprint or a Java
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 18
    of HP ProtectTools Security Manager, by clicking the Log On link in the upper-right corner of the window 2. Follow the on-screen instructions to Registering fingerprints A fingerprint reader allows you to log on to Windows using your fingerprint for authentication instead of using a Windows password.
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 19
    Setting up the fingerprint reader 1. In HP ProtectTools Security Manager, click Credential Manager in the left pane. 2. Click My Identity, and then click Register Fingerprints. 3. Follow the on-screen instructions to complete registering your fingerprints and setting up the fingerprint reader. 4. To
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 20
    Registering other credentials 1. In HP ProtectTools Security Manager, click Credential Manager. 2. Click My Identity, and then click Register Credentials. The Credential Manager Registration Wizard opens. 3. Follow the on-screen instructions. 14 Chapter 2 Credential Manager for HP ProtectTools
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 21
    Manager on page 24." Creating a virtual token A virtual token works very much like a Java Card or USB Token. The token click Finish. Changing the Windows logon password 1. In HP ProtectTools Security Manager, click Credential Manager screen instructions to complete the PIN change. General tasks 15
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 22
    log on to Windows, swipe your finger to log on. 2. In Windows XP, if you have not registered your fingerprint to log on to Windows, click the keyboard icon in the upper-left corner of the screen next to the fingerprint icon. The Credential Manager Logon Wizard opens. In Windows Vista, if you have
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 23
    logon check box. 6. Follow the on-screen instructions. If your authentication information is correct, you authentication credentials with a Java Card, a fingerprint reader, or a token before logging on in the program or Web site password dialog box. 3. Type your password for the program or Web site,
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 24
    , select the desired record in the list. 4. Follow the on-screen instructions. Managing applications and credentials Modifying application properties 1. In HP ProtectTools Security Manager, click Credential Manager, and then click Services and Applications from the left pane. 2. Click Manage
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 25
    application entry you want to export, and then click More. 4. Follow the on-screen instructions to complete the export. 5. Click OK. Importing an application 1. In HP ProtectTools Security Manager, click Credential Manager, and then click Services and Applications in the left pane. 2. Click Manage
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 26
    identity before viewing the password. 5. Follow the on-screen instructions. 6. Click OK. Using screen instructions. Removing protection from an application To remove restrictions from an application: 1. In HP ProtectTools Security Manager, click Credential Manager in the left pane. 2. Click Services
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 27
    Changing restriction settings for a protected application 1. Click Application Protection. 2. Select a category of user whose access you want to manage. NOTE: If the category is not Everyone, you may need to click Override default settings to override the settings for the Everyone category. 3. Click
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 28
    type or combination of credentials are required of either users or administrators. To specify how users or administrators log on: 1. In HP ProtectTools Security Manager, click Credential Manager in the left pane. 2. Click Multifactor Authentication 3. In the right pane, click the Authentication tab
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 29
    can create custom requirements. To configure custom requirements: 1. In HP ProtectTools Security Manager, click Credential Manager in the left pane. ● To register the credential, click Register, and then follow the on-screen instructions. ● To delete the credential, click Clear, and then click Yes in
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 30
    it handles detection of logon screens, automatic logon to registered logon dialogs, and password display. ● Services and Applications-Allows you to view the available services and modify the settings for those services. ● Security-Allows you to select the fingerprint reader software and adjust the
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 31
    Example 2-Using the "Advanced Settings" page to require user verification before Single Sign On 1. In HP ProtectTools Security Manager, click Credential Manager, and then click Settings. 2. Click the Single Sign On tab. 3. Under When registered logon dialog or Web page is
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 32
    you have registered with the Drive Encryption recovery service. Reinstalling the Drive Encryption module will not enable you to access the encrypted drives. Setup procedures Opening Drive Encryption 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager. 2. Click Drive
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 33
    screen: NOTE: If the Windows administrator has enabled Pre-boot Security in the HP screen. 1. Select your user name, and then type your Windows password or Java™ Card PIN, or swipe a registered finger. 2. Click OK. NOTE: If you use a recovery key to log in at the Drive Encryption logon screen
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 34
    (select models only) Use the Embedded Security tool in HP ProtectTools to activate the TPM. After activation, logging in at the Drive Encryption logon screen requires the Windows user name and password. NOTE: Because the password is protected by a TPM security chip, if the hard drive is moved to
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 35
    a valid e-mail address to register and to recover your password through this service. 1. Open Drive Encryption, and then click Recovery. 2. Click Register. 3. Click one of the following options: ● I want to create a new recovery account for this PC. If you choose this option, type your email address
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 36
    On the recovery service logon page, enter your e-mail address, password, and the numbers and letters you see in the box. 5. Click Logon. 6. Click Profile to update your personal information, such as your telephone or billing address. - or - Click Reset Password to reset or change your password. - or
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 37
    Next. 6. On a different computer with an Internet connection, access the SafeBoot Recovery Service Web site at http://www.safeboot-hp.com. 7. Click Recovery Process. 8. On the recovery service logon page, enter your e-mail address, password, and the numbers and letters you see in the box. 9. Click
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 38
    instant messaging (IM). Privacy Manager leverages the security infrastructure provided by HP ProtectTools Security Manager, which includes the following security logon methods: ● Fingerprint authentication ● Windows® password ● HP ProtectTools Java™ Card You may use any of the above security logon
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 39
    Opening Privacy Manager To open Privacy Manager: 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager. 2. Click Privacy Manager: Sign and Chat. - or - Right-click the HP ProtectToolsicon in the notification area, at the far right of the taskbar, click Privacy Manager:
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 40
    Privacy Manager Certificate attached, open the e-mail and click the Setup button, in the lower-right corner of the message. 2. Authenticate using you need to restore your Privacy Manager Certificate and associated keys. 5. Enter and confirm a password, and then click Next. 34 Chapter 4 Privacy
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 41
    If you choose to begin the Trusted Contact invitation process, follow the on-screen instructions. - or - If you click Cancel, refer to Managing Trusted Contacts deleted a Privacy Manager Certificate, you can restore it using the backup file that you created when you installed the
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 42
    then click Apply. Restoring a Privacy Manager Certificate If you have accidentally deleted a Privacy Manager Certificate, you can restore it using the backup using your chosen security logon method. 6. Follow the on-screen instructions. Managing Trusted Contacts Trusted Contacts are users with whom
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 43
    Adding Trusted Contacts 1. You send an e-mail invitation to a Trusted Contact recipient. 2. The Trusted Contact recipient responds to the e-mail. 3. You receive the e-mail response from the Trusted Contact recipient, and click Accept. You can send Trusted Contact e-mail invitations to individual
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 44
    Manager. 2. Click the Trusted Contact you want to delete. 3. Click Delete contact. 4. When the confirmation dialog box opens, click Yes. 38 Chapter 4 Privacy Manager for HP ProtectTools (select models only)
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 45
    Checking revocation status for a Trusted Contact 1. Open Privacy Manager, and click Trusted Contacts Manager. 2. Click a Trusted Contact. 3. Click the Advanced button. The Advanced Trusted Contact Management dialog box opens. 4. Click Check Revocation. 5. Click Close. Setup procedures 39
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 46
    button in the upper-left corner of the screen. 2. Click Prepare, and then click Mark as Final. 3. When the confirmation dialog box opens, click Yes, and continue working Before Signing. NOTE: A check mark is displayed next to Add Signature Line Before Signing when HP ProtectTools (select models only)
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 47
    for those users at the bottom of the final page of the document with instructions to sign by a specific date. To add a suggested signer to a line check boxes are not selected, the suggested signer will not be able to display the date and/or title in the signature line even if the suggested signer's
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 48
    document. 4. Refer to Sealing and sending an e-mail message for further instructions. Viewing a signed Microsoft Office document NOTE: You do not need to document is opened, a Signatures dialog box opens next to the document, displaying the name of the user who signed the document and the date it
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 49
    Office document. Using Privacy Manager in Microsoft Outlook When Privacy Manager is installed, a Privacy button is displayed on the Microsoft Outlook toolbar, and a Send Securely button is displayed on the toolbar of each Microsoft Outlook e-mail message. Configuring Privacy Manager for Microsoft
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 50
    Live Services. 3. Click Gallery, and then click Messenger. 4. Click Activities, and then click Safety and Security. 5. Click Privacy Manager Chat, and then follow the on-screen instructions. Starting to begin a secure chat. 44 Chapter 4 Privacy Manager for HP ProtectTools (select models only)
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 51
    button to request authentication from your contact. ● Lock-Click this button to close the Privacy Manager Chat window and return to the Chat Entry window. To display Manager. In the viewer, each session shows the (encrypted) Contact Screen Name, and the date and time the session began and ended. By
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 52
    History viewer 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager. 2. Click Privacy Manager: Sign and Chat, and the file for viewing. If the session has not been revealed (displaying the decrypted Contact Screen Name) previously, it is revealed at the same time. 1. In
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 53
    only search for text in revealed (decrypted) sessions that are displayed in the viewer window. These are the sessions where the Contact Screen Name is shown in plain text. 1. In the Chat History Viewer, click the Search button. 2. Enter the search text, configure any desired search parameters, and
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 54
    to search for a location, and then click Next. 5. Enter and confirm a password, and then click Next. NOTE: Store this password in a safe place, because you will need it when you import the migration File Import" page, click Finish. 48 Chapter 4 Privacy Manager for HP ProtectTools (select models only)
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 55
    5 File Sanitizer for HP ProtectTools File Sanitizer is a tool that allows you to securely shred space bleaching is for those assets that you delete using the Windows Recycle Bin or when you manually delete an asset. Free space bleaching provides no additional security to shredded assets. You can set
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 56
    icon. - or - ● Right-click the HP ProtectTools icon in the notification area, at the When this option is selected, a dialog box is displayed at shutdown, asking if you want to continue Select the Activate Scheduler check box, enter your Windows password, and then enter a day and time to shred
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 57
    using the Windows Recycle Bin or for manually deleted assets. Free space bleaching provides no Select the Activate Scheduler check box, enter your Windows password, and then enter a day and time to bleach selected. You can click the View Details button to view the predefined list of assets that
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 58
    4. Under Do not shred the following, click Add to select the specific assets that you want to exclude from shredding. 52 Chapter 5 File Sanitizer for HP ProtectTools
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 59
    When this option is selected, a dialog box is displayed at shutdown, asking if you want to continue with Select the Activate Scheduler check box, enter your Windows password, and then enter a day and time to shred the Windows Recycle Bin or for manually deleted assets. Free space bleaching provides
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 60
    a predefined erasure method and list of assets are automatically selected. You can click the View Details button to view the predefined list of assets that are selected for shredding. To select a predefined shred you want to exclude from shredding. 54 Chapter 5 File Sanitizer for HP ProtectTools
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 61
    NOTE: Only file extensions can be excluded from shredding. For example, if you add the .BMP file extension, all files with the .BMP extension will be excluded from shredding. To remove an asset from the exclusions list, click the asset, and then click Delete. 6. When you finish configuring the shred
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 62
    shredding one asset CAUTION: Shredded assets cannot be recovered. Carefully consider which items you select for manual shredding. 1. Right-click the HP ProtectTools icon in the notification area, at the far right of the taskbar, click File Sanitizer, and then click Shred One. 2. When the Browse
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 63
    Click the Shred Now button. 3. When the confirmation dialog box opens, click Yes. Manually shredding all selected items 1. Right-click the HP ProtectTools icon in the , a message above the HP ProtectTools Security Manager icon in the notification area is displayed. The message provides details
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 64
    is performed, log files of any errors or failures are generated. The log files are always updated according to the latest shred or free space bleaching operation. NOTE: Files that are successfully shredded \File Sanitizer\[Username]_DiskBleachLog.txt 58 Chapter 5 File Sanitizer for HP ProtectTools
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 65
    access to system security features that are managed by Computer Setup. With BIOS Configuration, you can accomplish the following objectives: ● Manage administrator passwords. ● Configure other power-on authentication features, such as embedded security authentication. ● Enable and disable hardware
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 66
    up, but if you fail to enter it or enter it incorrectly, you can view BIOS configuration settings but you cannot change them. ● If a BIOS administrator password has not been set, you can both view and make changes to BIOS configuration settings. 60 Chapter 6 BIOS Configuration for HP ProtectTools
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 67
    the BIOS Configuration restarts. NOTE: Password changes take effect batteries in the system ● Specification information about the processor; cache and memory size; video version; keyboard controller version; and system ROM NOTE: The "File" page is for information purposes only. None of the displayed
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 68
    "Setup Password". Action Click the Set button to set a BIOS administrator password. System IDs Option Ownership Tag Asset Tracking Number Action Enter, view or change. Enter, view or change. TPM Embedded Security NOTE: This feature is supported only on computers equipped with the HP ProtectTools
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 69
    for smart card power-on authentication. NOTE: This feature is supported only on computers with optional smart card readers. Enable or disable. Administrator Tools Option HP SpareKey Fingerprint Reset on Reboot (if present) Action Enable or disable. Enable or disable. Password Policy Option At
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 70
    the new settings to the system and leave the window open. - or - Click OK in the HP ProtectTools Security Manager window to apply the new settings to the system and close the window. Port options . Set the order in which system devices boot. 64 Chapter 6 BIOS Configuration for HP ProtectTools
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 71
    power Data execution prevention SATA device mode Dual core CPU Secondary battery fast charge HP QuickLook 2 TXT technology Display Diagnostic URL HDD Translation Mode Virtualization technology Built-in device options Option Wireless Button State Embedded WWAN Device Radio Fingerprint Device Notebook
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 72
    Adapter Boot Security Level Change, view, or hide. USB Legacy Support Security Level Change, view, or hide. Fan Always on while on AC Power Fingerprint Device Security Level Change, view, or hide. Optical Disk Drive Security Level Change, view, or hide. 66 Chapter 6 BIOS Configuration for HP
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 73
    Security Level SD Card Boot Security Level Boot From EFI File Security Level HP QuickLook 2 Security Level Wireless Button State Security Level Modem Device Security Level Finger Print reset Security Level HP SpareKey Security Level TXT Technology Security Level Diagnostic URL Security Level Change
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 74
    management functions, such as backing up and restoring the key hierarchy ● Support for third-party applications (such as Microsoft TPM embedded security chip also enables enhanced BIOS security features accessed through BIOS Configuration for HP ProtectTools. 68 Chapter 7 Embedded Security for HP
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 75
    recovery HP ProtectTools. To enable the embedded security chip: 1. Open Computer Setup by turning on or restarting the computer, and then pressing f10 while the "f10 = ROM Based Setup" message is displayed in the lower-left corner of the screen. 2. If you have not set an administrator password
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 76
    password for the embedded security chip that protects access to all owner functions on the embedded security chip. ● Set up the emergency recovery Security Initialization. The HP ProtectTools Embedded Security Initialization Wizard opens. 2. Follow the on-screen instructions. Setting up the
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 77
    password at the next logon. If the Basic User Key password is entered correctly, you can access the PSD directly from Windows Explorer. Encrypting files and folders When working and private keys, you will be able to use a recovery agent to decrypt your information. To encrypt files and folders:
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 78
    , and then click Backup. 3. In the right pane, click Backup. The HP Embedded Security for ProtectTools Backup Wizard opens. 4. Follow the on-screen instructions. Restoring certification data from the backup file To restore data from the backup file: 1. Click Start, click All Programs, and then
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 79
    password. 5. Click OK. Resetting a user password An administrator can help a user to reset a forgotten password. For more information, refer to the software Help. Enabling and disabling Embedded Security It is possible to disable the Embedded Security features if you want to work HP ProtectTools
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 80
    keys with the Migration Wizard Migration is an advanced administrator task that allows the management, restoration, and transfer of keys and certificates. For details on migration, refer to the Embedded Security software Help. 74 Chapter 7 Embedded Security for HP ProtectTools (select models only)
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 81
    or denied on the basis of group membership Starting background service For device profiles to be applied, the HP ProtectTools Device Locking/Auditing background service must be running. When you first attempt to apply device profiles, HP ProtectTools Security Manager opens a dialog box to ask if you
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 82
    non-administrators ● All removable media (floppy disks, pen drives, etc.) for all non- Start, click All Programs, and then click HP ProtectTools Security Manager. 2. In the left pane access. 4. Click Apply. NOTE: If background service is not running, it attempts to start now. Click Yes
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 83
    other members of that user's group. To allow access to one user but not the group: 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager. 2. In the left pane, click Device Access Manager, and then click Device Class Configuration. 3. Click the device class that you want
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 84
    in the class. To allow access to a specific device for one user but not the group: 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager. 2. In the left pane, click Device Access Manager, and then click Device Class Configuration. 3. In the device list, click the device
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 85
    . If a specific Single Sign On cannot be disabled for a given application, call HP technical support and request 3rd-level support through your HP Service contact. The option to Browse for Virtual Token is not displayed during the logon process. The user cannot move the location of a registered
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 86
    XP Service Pack 1 only. After allowing system to transition into hibernation and sleep mode, the Administrator or user is unable to log on to Credential Manager and the Windows logon screen remains displayed no matter which logon credential (password, fingerprint, or Java Card) is selected. Update
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 87
    association with virtual token. Details Solution HP is investigating resolution options for future customer software releases. When user restores identity, Credential Manager can lose the association with the location of the virtual token at logon screen. Even though Credential Manager has the
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 88
    or deleted, no one can use the TPM software. This is as designed. Users have access rights to an emergency archive so that they can save/update their Basic User Key backup copy. Users should be instructed never to encrypt or delete the recovery archive files. Embedded Security EFS interaction with
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 89
    . This allows anyone with direct access to the system to reset the TPM module and cause possible loss of data. This is as designed. The Computer Setup (f10) Utility password can only be removed by a user who knows the password. However, HP strongly recommends having the Computer Setup (f10) Utility
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 90
    error message is displayed stating that the disabling the TPM chip, but black screen and nonresponding keyboard and mouse instead of showing welcome (logon) screen HP will correct this in a future release. EFS Encryption works By allowing the prompt for User without a password being password
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 91
    button on the screen to select the location, and the restore process proceeds. ● Resets the chip to factory settings in the BIOS. ● Reboots the computer. ● Begins to restore Embedded Security. During the restore process, Credential Manager asks if the system can automate the logon to Infineon TPM
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 92
    , the users not selected are not able to restore the keys when trying to restore at a later time. A decryption process failed error message is displayed. The non-selected users can be restored by resetting the TPM, running the restore process, and selecting all users before the next default daily
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 93
    manually. HP is working TNA Icon displays the HP Notebook 1.1B implementations, as well as supporting HP Desktop 1.2 implementations. HP will address this issue in future releases. This option to disable is still supported in the software interface for TPM 1.1 platforms. Embedded Security for HP
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 94
    Services. In the Services window, search for the HP ProtectTools Device Locking/Auditing service. Be sure that the service the Device Class tree and review the settings applicable to the User denied due to the way in which Windows works out the effective permission for the device. One Troubleshooting
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 95
    TCG Spec. Version = 1.2 ● Vendor = Broadcom Corporation ● FW Version = 2.18 (or greater) ● TPM Device driver library version 2.0.0.9 (or greater) 5. If the FW version does not match 2.18, download and update the TPM firmware. The TPM Firmware SoftPaq is a support download available on the HP Web
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 96
    make TPM BIOS authentication work after reset. There is no option to make TPM BIOS authentication work. This is as designed; the factory reset clears the Basic User Key. The user must change his user PIN or create a new user to re-initialize the Basic User Key. Power-on authentication support is
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 97
    Impacted- Short description Details Solution Security Power-On Authentication overlaps the BIOS Password during boot sequence. Power-On Authentication prompts the user to log on to the system using the TPM password, but, if the user presses f10 to access the BIOS, the user is granted Read rights
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 98
    security chip during startup by entering the correct TPM Basic User Key password, the BIOS unlocks the hard drive for the user. automatic shredding. Scheduled shredding that the user sets in File Sanitizer for HP ProtectTools. Automatic Technology Manager (ATM). Allows network administrators
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 99
    SafeBoot Recovery Service. It stores a copy of the encryption key, enabling you to access your computer if you forget your password and do not have access to your local backup key. You must create an account with the service to set up online access to your backup key. Drive Encryption logon screen
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 100
    user to decrypt one or more chat history sessions, displaying the Contact Screen Name(s) in plain text and making the session available for viewing. revocation password. A password that is created when a user requests a digital certificate. The password is required when the user wants to revoke his
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 101
    HP ProtectTools Embedded Security Chip. A TPM authenticates a computer, rather than a user, by storing information specific to the host system, such as encryption keys, digital certificates, and passwords. A TPM log in. virtual token. Security feature that works very much like a Java Card and card
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 102
    backing up and restoring certification information 72 Embedded Security 72 HP ProtectTools credentials 10 Single Sign On data 18 basic user account 70 Basic User Key password changing 72 setting 70 biometric readers 13 BIOS administrator password 9 BIOS Configuration accessing 60 changing settings
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 103
    changing 73 definition 9 setting 70 P password Basic User Key 72 BIOS administrator 60 changing owner 73 emergency recovery token 70 guidelines 10 HP ProtectTools 8 managing 8 owner 70 policies, creating 7 resetting user 73 secure, creating 10 Windows 60 Windows logon 15 personal secure drive (PSD
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 104
    63, 64 power-on password definition 9 Privacy Manager 40 Privacy Manager for HP ProtectTools add or Certificates and Trusted Contacts 48 filter displayed sessions 47 importing Privacy Manager 35 requesting a Privacy Manager certificate 34 restoring a Privacy Manager certificate 36 reveal all
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 105
    Single Sign On automatic registration 17 exporting applications 18 manual registration 18 modifying application properties 18 removing applications 18 protecting against 6 token, Credential Manager 13 TPM chip enabling 69 initializing 70 troubleshooting Credential Manager 79 Device Access Manager 88
  • Compaq 516 | HP ProtectTools - Windows Vista and Windows XP - Page 106
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
HP ProtectTools
User Guide