HP EliteDesk 800 G1 Ultra-slim PC Client Security Commercial Managed IT Softwa - Page 11
HP Client Security - Setup Wizard
![]() |
View all HP EliteDesk 800 G1 Ultra-slim PC manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 11 highlights
Generate a PKI key pair to be used by the authentication service in conjunction with cryptographic functions. Generate the PKI and symmetric keys (UUK) upon enrolling a user. The UUK is not stored in the clear or simply obfuscated on the hard drive. The key is always protected via a credential. User's Windows password is used to derive a key that is then used to encrypt the UUK. Additiionally, the key is either encrypted as with the Smart Card or securely stored in the authentication device as with the secure fingerprint reader. The UUK is only released upon a successful user authentication. This key in turn encrypts other sensitive user data, the so called "user secrets". In the end, the secrets are always protected via user authentication. Microsoft Enhanced Cryptographic Provider (ECP). Design and Services HP Client Security provides an authentication service to ensure that the user authentication capabilities extend beyond Windows, and that BIOS and Drive Encryption login pages can participate in user authentication as well. All communication between the authentication service and authentication environments occurs at the service layer. The authentication service provides the following functionalities: Manages the activation and deactivation of the authentication environments (Windows, BIOS, Drive Encryption). Coordinates the authentication policies and user provisioning data across all authentication environments, thus facilitating One Step Logon and ensuring that a lockout scenario is avoided. Enroll users' credentials. HP Client Security - Setup Wizard The HP Client Security setup wizard helps secure access to your computer via a password, a fingerprint sensor (if available), or the HP SpareKey if a password or other credential is lost. The wizard safeguards hard drive access and data using HP Drive Encryption for robust information protection. It ensures that removable media cannot be accessed until authenticated with HP Device Manager with Just-In-Time Authentication, and even then the access is granted for a limited time. The wizard also enforces the default setting of Windows logon authentication and places the HP File Sanitizer icon on the desktop. 11
![](/manual_guide/products/hewlettpackard-elitedesk-800-g1-ultraslim-pc-client-security-commercial-managed-software-429ab84/11.png)