...
| Warning |
|---|
When Drive Encryption activation is complete, it should be restarted once before hibernation takes |
User intervention during encryption
The user can continue to work on the client system as normal even during encryption. Once the entire disk is encrypted, the technology is completely transparent to the end user. It is safe and risk-free to restart the client system during encryption.
PBA (Pre-boot Authentication)
When the client system is restarted and Drive Encryption is first activated, the user should log on with the username that matches the user attribute set in the LdapSync: Sync across users from LDAP
task and the default password of 12345 (this is the McAfee default password which can be changed in the User Based Policy) in the PBA page. The user is then prompted to change this password and enroll for self-recovery based on the policy set.
Single Sign On (SSO)
The Drive Encryption client system then boots to Windows. This first boot establishes SSO (if it has been enabled). On future restarts, the user needs to log in to PBA only. Once authenticated, SSO
automatically logs on to Windows. In short, the SSO option facilitates the user with the single authentication to the Operating System even when PBA is enabled. Though it requires an extra step, disabling SSO is the more secure
configuration. When the Synchronize Drive Encryption password with Windows option is enabled, the Drive Encryption password is reset to the Windows password