This article details how to use the Single Sign-On feature of PGP Whole Disk Encryption for multiple user on a single computer.
The PGP Whole Disk Encryption Single Sign-On (SSO) feature synchronizes the PGP Whole Disk Encryption authentication passphrase with the Microsoft Windows password when a user boots a computer. This allows you to type your Windows password at the PGP BootGuard and then you are automatically logged into your Windows account.
You can configure multiple users on one system for Single Sign-On up to 120 users. It is recommended to limit the number of Single Sign-On users to the fewest possible persons who must share the system. While technically feasible to do so, allowing a large number of users sharing a single, encrypted computer is not a secure solution, and Symantec discourages this practice.
Note: The sizes of user records may vary, depending upon the method of authentication and the size of the keys associated to non-passphrase users. The calculated maximum limit of 120 users is based on the assumption that there are only Windows password users who do not use any additional keys. The maximum possible number of Single Sign-On users decreases as user records increase in size.
To add an additional PGP WDE user
- Open PGP Desktop.
- Click the PGP Disk Control box, and then click Encrypt Whole Disk or Partition.
- In the User Access section, click Windows User.
- For User Type, select Use Windows Password then click Next.
- Click Next and then enter a password for the user.
- Click Next and then Finish.
Having multiple users who can access a disk or partition protected by PGP Whole Disk Encryption serves as a backup in case one person forgets their passphrase or loses their authentication token. Users configured for an encrypted disk or partition can authenticate to the PGP Whole Disk Encryption log-in screen to unlock any protected disk or partition on that system.