Passwords & Keys

Enforcing Key Usage

Applies to Kryptel version 8.0.1 and later, and Silver Key version 5.0.1 and later.

Sometimes it is useful to restrict key usage, specifically to allow only the keys stored in the Password Manager’s database. This way, long and complex passwords are guaranteed to be entered correctly.

This feature is also necessary in a corporate environment where employees must use only keys from an approved list.

Individual Use

If strict enforcement is not required, i.e. if the user is the same person who controls the password database, it is enough to turn this option on in the Settings panel.

Open the Settings panel and select the Passwords and Keys page. Check the box Accept key material from Password Manager only and press OK.

Enforcing Key Policy (Enterprise Edition only)

Company policy may prohibit the use of unapproved keys. In this case the user must not be able to encrypt data with an unauthorized key.

Step 1: Setting up the password database

Run Password Manager, create a password database, and add the keys that the employee is allowed to use. Select File / Exit to finalize the database. The newly created database is named Passwords.edb and can be found in the <Documents>\Kryptel Data\ folder.

Open the directory Program Files\Common Files on the user’s computer.

That directory may have a different name; the actual path may be found in the system registry – see the parameter CommonFilesDir under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion.

Create a subdirectory Kryptel Data and copy the password database file there.

Step 2: Disabling Unauthorized Keys

As above, this can be done by checking the box. However, the user should not be able to uncheck the box again, so this setting must be forced (see Default And Forced Settings).

If this is the only option that you need to force, you can use the ready-to-use settings file Key Manager.xml. Download it and copy it to the folder <Kryptel (Silver Key) installation folder>\Settings\Forced on the user’s computer.

That’s all! The user can now encrypt using only the keys from Password Manager’s database, which in turn can't be modified.

Note that this method relies on Windows access rights and works only if the user is not an administrator and so can’t write to Program Files.
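
One way to check that precondition after deployment is the added PowerShell audit below, which is not vendor code. It resolves CommonFilesDir from the registry, confirms both deployed files exist, and lists any write-capable permission held by an account other than Administrators, SYSTEM or TrustedInstaller. The $InstallDir parameter and the choice of those three principals as the trusted set are assumptions of this example.

```powershell
# Added audit example (not vendor code). $InstallDir is a placeholder: pass the
# actual Kryptel or Silver Key installation folder of the machine being checked.
param([Parameter(Mandatory)] [string] $InstallDir)

# Resolve the Common Files directory from the registry value named on this page.
$regKey      = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion'
$commonFiles = (Get-ItemProperty -Path $regKey -Name CommonFilesDir).CommonFilesDir

$files = @(
    (Join-Path $commonFiles 'Kryptel Data\Passwords.edb'),
    (Join-Path $InstallDir  'Settings\Forced\Key Manager.xml')
)
# Check the parent folders too: write access there allows replacing the files.
$paths = $files + ($files | Split-Path -Parent)

# Assumption: only these principals may hold write access.
# Well-known SIDs: BUILTIN\Administrators, SYSTEM, NT SERVICE\TrustedInstaller.
$trusted = 'S-1-5-32-544', 'S-1-5-18',
           'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'

# Rights that let a principal alter, delete or re-permission an object.
$writeMask = [int][System.Security.AccessControl.FileSystemRights] `
    'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$sidType = [System.Security.Principal.SecurityIdentifier]

$findings = foreach ($path in $paths) {
    if (-not (Test-Path -LiteralPath $path)) {
        [pscustomobject]@{ Path = $path; Principal = $null; Issue = 'missing' }
        continue
    }
    # Explicit and inherited ACEs, with identities returned as SIDs so the
    # comparison does not depend on the Windows display language.
    $rules = (Get-Acl -LiteralPath $path).GetAccessRules($true, $true, $sidType)
    foreach ($ace in $rules) {
        $canWrite = (([int]$ace.FileSystemRights) -band $writeMask) -ne 0
        if ($ace.AccessControlType -eq 'Allow' -and $canWrite -and
            $ace.IdentityReference.Value -notin $trusted) {
            [pscustomobject]@{
                Path      = $path
                Principal = $ace.IdentityReference.Value
                Issue     = "write access: $($ace.FileSystemRights)"
            }
        }
    }
}

if ($findings) { $findings | Format-Table -AutoSize -Wrap; exit 1 }
'Both files are present; no write-capable ACE outside the trusted principals.'
```

Run it from an elevated prompt on the user's computer. A clean result covers file permissions only, so separately confirm that the employee's account is not a member of the local Administrators group.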