Version Information
WARNING: If password caching is enabled, the password cache also contains the
Yüklə 5,12 Kb. Pdf görüntüsü
|
- Bu səhifədəki naviqasiya:
- Keyfiles Dialog Window
- Security Tokens and Smart Cards
|
WARNING: If password caching is enabled, the password cache also contains the
processed contents of keyfiles used to successfully mount a volume. Then it is possible to remount the volume even if the keyfile is not available/accessible. To prevent this, click ‘ Wipe Cache ’ or disable password caching (for more information, please see the section Settings -> Preferences, subsection Cache passwords in driver memory). See also the section Choosing Passwords and Keyfiles in the chapter Security Requirements and Precautions . Keyfiles Dialog Window If you want to use keyfiles (i.e. “apply” them) when creating or mounting volumes, or changing passwords, look for the ‘ Use keyfiles ’ option and the Keyfiles button below a password input field. * However, if you use an MP3 file as a keyfile, you must ensure that no program modifies the ID3 tags (e.g. song title, name of artist, etc.) within the MP3 file. Otherwise, it will be impossible to mount volumes that use the keyfile. 67 These control elements appear in various dialog windows and always have the same functions. Check the Use keyfiles option and click Keyfiles. The keyfile dialog window should appear where you can specify keyfiles (to do so, click Add Files or Add Token Files ) or keyfile search paths (click Add Path ). Security Tokens and Smart Cards TrueCrypt can directly use keyfiles stored on a security token or smart card that complies with the PKCS #11 (2.0 or later) standard [23] and that allows the user to store a file (data object) on the token/card. To use such files as TrueCrypt keyfiles, click Add Token Files (in the keyfile dialog window). Access to a keyfile stored on a security token or smart card is typically protected by PIN codes, which can be entered either using a hardware PIN pad or via the TrueCrypt GUI. It can also be protected by other means, such as fingerprint readers. In order to allow TrueCrypt to access a security token or smart card, you need to install a PKCS #11 (2.0 or later) software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties. If your security token or smart card does not contain any file (data object) that you could use as a TrueCrypt keyfile, you can use TrueCrypt to import any file to the token or smart card (if it is supported by the device). To do so, follow these steps: 1. In the keyfile dialog window, click Add Token Files . 2. If the token or smart card is protected by a PIN, password, or other means (such as a fingerprint reader), authenticate yourself (for example, by entering the PIN using a hardware PIN pad). 3. The ‘Security Token Keyfile’ dialog window should appear. In it, click Import Keyfile to Token and then select the file you want to import to the token or smart card. Note that you can import for example 512-bit keyfiles with random content generated by TrueCrypt (see Tools -> Keyfile Generator below). To close all opened security token sessions, either select Tools > Close All Security Token Sessions or define and use a hotkey combination ( Settings > Hot Keys > Close All Security Token Sessions ). |