This article details the supported tokens for Symantec Drive Encryption Administrator Keys.
If you need to perform maintenance or other tasks on a user's system, the administrator key allows administrators to use the key to log into the system at the PGP BootGuard screen using two-factor authentication. Therefore the administrator can log into the user's system without having to request the user's passphrase.
Supported Smart Cards and Tokens
The following smart cards and tokens can be used for the Symantec Drive Encryption administrator key with Symantec Encryption Desktop 10.3.2 and above:
- SafeNet eToken PRO 64k
- SafeNet eToken PRO 72k
- SafeNet iKey 2032
The following smart cards and tokens have been tested with previous versions of PGP Desktop and Symantec Encryption Desktop for usage with the Symantec Drive Encryption administrator key:
- Aladdin eToken 64K, 2048 bit RSA capable
- Aladdin eToken PRO USB Key 32K, 2048 bit RSA capable
- Aladdin eToken PRO without 2048 bit capability (older smart cards)
- Athena ASEKey Crypto USB Token
- Athena ASECard Crypto Smart Card
Note: If you have systems that have been encrypted with PGP WDE, you do not need to re-encrypt those disks in order to add the PGP WDE Administrator key. The key will be pushed down to the clients during the next policy update.
The supported Smart Cards and Tokens for PGP WDE Administrator Keys differ from the supported tokens available for PGP Whole Disk Encryption.