Previous Post Next Post

A question-based authentication token

Created: 19 Mar 2013 | Updated: 20 Mar 2013 | 7 comments

ti26

First of all, I apologize for my bad English.

I am currently using PGP WDE encryption of the system partition.

Authentication is a USB token (Aladdin eToken PRO 72k) which works perfectly. I did not want to set a user password.

With that, I run the risk of disappearing USB token or simply fail one day.

I have a question I can not find a clear answer anywhere.

The question is: If the USB token fail one day and buy a new one and re-export the key for him will be able to access the system again?

Operating Systems:

Windows 7

Discussion Filed Under:

Comments RSS Feed

Comments 7 Comments • Jump to latest comment

Alex_CST Partner Accredited

A question-based authentication token - Comment:20 Mar 2013 : Link

Yes, you can just assign that token to the user again as you did originally with the first one. You can have many tokens to one user

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

ti26

A question-based authentication token - Comment:20 Mar 2013 : Link

Alex, I can make this process of re-export the key to a new token using another computer?

Tom Mc Symantec Employee Technical Support

A question-based authentication token - Comment:20 Mar 2013 : Link

An eToken is secure - you cannot export any private keys from it. So, to have the private key on more than one eToken, you must generate your key in PGP Desktop and then import it to the eToken. You can them export/import it from your PGP Desktop as much as desired. And after having all the secure backups you want, you can delete if from your computer keyring if you wish.

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base

ti26

A question-based authentication token - Comment:20 Mar 2013 : Link

I forgot to add in my last comment that I have a backup of my private key in another location.

So if the eToken fails ... I can export this key backup to a new eToken using a different computer and regain access to my?

Tom Mc Symantec Employee Technical Support

A question-based authentication token - Comment:20 Mar 2013 : Link

I would expect this to work. Although it has been a very long time since I've seen this discussed, I recall at least one person reporting problems with doing this. So, I would suggest that you actually give it a try to confirm there is not a problem for you.

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base

ti26

A question-based authentication token - Comment:20 Mar 2013 : Link

Perhaps the serial number of the token somehow connected PGP WDE authentication. But it is only a guess.

I read the entire manual and did not find any reference to this.

I only intended to use this form of authentication. The advantage of this is the immediate destruction of data, if I want to get rid of the token.

I would use only the token-based authentication. I do not like password. A good password would take thousands of years for a possible violation. But I would totally eliminate that possibility.

I would feel more comfortable that way.

The downside of all this is that the device (token) were to disappear someday would lose my data forever.

That's why I have doubts about my question.

Tom Mc Symantec Employee Technical Support

A question-based authentication token - Comment:20 Mar 2013 : Link

Understandable. I would again suggest personally testing it on your equipment, to make sure.

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base

A question-based authentication token

Comments 7 Comments • Jump to latest comment

Would you like to reply?

Links