Dell Data Protection Console User Guide Encryption Status/Authentication Enrollment/Password Manager v1.
Legend CAUTION: A CAUTION icon indicates potential damage to hardware or loss of data if instructions are not followed. WARNING: A WARNING icon indicates a potential for property damage, personal injury, or death. IMPORTANT, NOTE, TIP, MOBILE, or VIDEO: An information icon indicates supporting information. © 2016 Dell Inc. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be trademarks of their respective owners.
Contents 1 DDP Console Introduction.............................................................................................................................. 5 Contact Dell ProSupport................................................................................................................................................... 5 2 DDP Console................................................................................................................................................. 6 Navigation....
6 Glossary.......................................................................................................................................................
1 DDP Console Introduction Dell Data Protection | Security Tools provides you with simple-to-use and intuitive tools to increase the security of your computer.
2 DDP Console The DDP Console provides access to applications that ensure security for all users of the computer, to view and manage encryption status of the computer's drives and partitions and, based on policy set by the administrator, manage their logons to websites, programs and network resources; and to easily enroll their authentication credentials. To open the DDP Console, from the Desktop, double-click the DDP Console icon.
To navigate directly to another application, click the down arrow next to the active application name, and select an application. To minimize, maximize, or close the DDP Console, click the appropriate icon in the right corner of the title bar. To restore the DDP Console after minimizing, double-click its system tray icon. To open Help, click the ? on the title bar.
• version numbers of the operating system, BIOS, motherboard, and Trusted Platform Module (TPM). MS Info Runs the Microsoft Windows System Information utility to display detailed information about the hardware, components, and software environment. Copy Info Copies all of the system information to the clipboard, to paste into an email for your administrator or Dell ProSupport. Feedback Displays a form where you can provide feedback to Dell about this product.
3 Encryption Status The Encryption page displays the encryption status of the computer. If a disk, drive, or partition is not encrypted, its status reads Unprotected. A drive or partition that is encrypted shows the status Protected. To update encryption status, right-click the appropriate disk, drive, or partition, and select Refresh.
4 Enrollments The Enrollments tool lets you enroll, modify, and check enrollment status, based on policy set by the administrator. The first time you enroll your credentials with the DDP Console, a wizard guides you through enrolling a password change, Recovery Questions, fingerprints, mobile device and smart card. Depending on policy, you can either enroll or skip each credential. After initial enrollment, you can click the Enrollment tile to add or modify credentials.
4 On the Password page, to change your Windows password, enter and confirm a new password and click Next. To skip changing your password, click Skip. The wizard allows you to skip a credential if you don't want to enroll it. To return to a page, click Back. 5 Follow the instructions on each page, and click the appropriate button: Next, Skip, or Back. 6 On the Summary page, confirm the enrolled credentials and, when finished with enrollment, click Apply.
Password To change your Windows password: 1 Click the Password tab. 2 Enter the current Windows password. 3 Enter the new password and enter it again to confirm it, and click Change. Password changes are effective immediately. 4 At the Successful Enrollment dialog, click OK. NOTE: You should only change your Windows password in the DDP Console rather than in Windows. If the Windows password is changed outside of the DDP Console, a password mismatch will occur, requiring a recovery operation.
• To remove the recovery questions completely, click Delete. • To re-define the recovery questions and answers, click Re-enroll. Fingerprints NOTE: To use this feature, your computer must have a fingerprint reader. To enroll fingerprints, follow these instructions: 1 Click the Fingerprints tab. 2 On the Fingerprint page, click the finger you want to enroll. 3 Follow the on-screen instructions to enroll your fingerprint. NOTE: The finger must be successfully scanned four times to be enrolled.
Mobile Device Mobile Device enrollment provides the One-time Password (OTP) feature. With OTP, the user can log on to Windows using a password generated by the Security Tools Mobile app, on a mobile device that is paired with the computer. Alternatively, if allowed by policy, the OTP feature can be used to recover access to the computer in case a password is expired or forgotten.
2 In the upper right, click Enroll. The Enroll One-time Password page opens. 3 If this is the first computer to pair, select Yes.
a On the mobile device, download the Dell Data Protection | Security Tools Mobile app from your app store. b On the computer, click Next. Set up Security Tools Mobile 1 Open the Security Tools Mobile app. 2 Create and enter a PIN to access the Security Tools Mobile app. NOTE: The PIN may be required by policy when the mobile device is not locked. If you do not use a PIN to unlock the mobile device, you will need one to access the Security Tools Mobile app. 3 Select Enroll a Computer.
Enroll Another Mobile Device Enrolling a new device automatically unpairs the previous device. No separate steps are required to unpair. Unpair a Computer and Mobile Device To unpair a computer and mobile device without enrolling another device, select one: • In the DDP Console: On the Enrollments Status page, next to the Mobile Device credential, click Delete. • On the mobile device - see the steps below. 1 On the mobile device, complete the following: a Run the Security Tools Mobile app.
2 On the mobile device, open the Security Tools Mobile app and enter the PIN. 3 Select the computer you want to access. If the computer name does not display on the mobile device, one of these conditions may exist: • The mobile device is not enrolled, or paired, with the computer you are trying to access.
Uninstall Security Tools Mobile App On your mobile device: 1 Unpair the device and the computer. 2 Delete or uninstall the Security Tools Mobile app as you normally would delete an app from your mobile device. Smart Cards NOTE: To use this feature, your computer must have a smart card reader. To enroll smart cards, follow these instructions: 1 Click the Smartcard tab. 2 Enroll the smart card, based on type of card: • Insert the smart card into the card reader.
5 Password Manager Password Manager allows you to automatically log on to websites, Windows programs, and network resources and manage logon credentials in a single tool. Password Manager also allows users to change their logon passwords through the application, ensuring that passwords maintained by Password Manager are kept in sync with those of the targeted resource. Password Manager is supported with Internet Explorer and Mozilla Firefox.
• If you do not want to save your logon, each time you log on to the website or program, you will be prompted to save the logon credentials again. If you prefer not to be prompted, select Never for this site. A record will be created in the Website Exclusions list. See Exclude Websites for details. • If you do not want to save the credentials, click Don't Save Logon.
Add Category Before adding logons, create categories (such as Email, Storage, News, Corporate Resources, and Social Media) so that you can categorize your logons as you create them. Then you can sort and filter your logons by category. To add a category, on the Logon Manager page, click Add category, type a category name, and click Save. Add Logon 1 On the Logon Manager page, click Add Logon. Based on policy, you may be required to authenticate to add a logon. 2 Open the website or program to log on to.
4 In the next dialog, enter the following: • Category - Choose a category for the website or program logon that you are storing. If you have not added categories, this list will be empty. • Account Name - Leave as-is to accept the pre-filled name, or type the name of the website or program. • Undetected Title - These fields are detected by Password Manager as the fields on the logon page in which you enter your logon information. These fields typically include User Name or Email, and Password.
7 To save changes, click OK. 8 In the Add Logon dialog, complete the fields required for logon. NOTE: Because you are storing an existing logon, you can only change the password by going to the Change Password function of the website or program. 9 If you want Password Manager to automatically fill in and submit the logon information, select Automatically submit log in data. 10 Click Save. The website or program logon displays on the Logon Manager page.
3 When prompted, enter the password for the selected browser. NOTE: If the import does not result in imported passwords, check to determine whether the browser has stored data to import. If you are using Firefox, log on to Sync. Try importing your credentials again. Icon Context Menu When you visit a website or program, the Password Manager icon displays. The indicates that the logon form can be trained. When the is not present, the logon form has already been trained.
Add to Password Manager - Opens the Add Logon dialog. Icon Settings - Allows the user to configure the display of the Password Manager icon on trainable logon pages. Open Password Manager - Launches the Password Manager Administration tool and opens the Logon Manager page. Help - Opens the online help.
Help - Opens the online help.
Fill in Windows Credentials Some programs allow the use of Windows credentials for logon. Instead of typing your user name and password, choose the Windows credentials from the drop-down menus available in the Add Logon and Edit Logon dialogs. For the username, choose between the following types: • Windows User Name • Windows User Principal Name • Windows Domain\User Name • Windows Domain For the password, use your Windows password. These options cannot be modified.
Use Old Password It is possible to have changed a password in Password Manager and then the program rejects the new password. In this case, the program allows you to use a previous password (a password previously entered for this logon page) instead of the most recent one. Select Password History. After authentication, you are prompted to choose an old password from the Password History list. The list includes seven passwords.
3 Enter the URL of the website to exclude. 4 Click Save. Once you have excluded a website, the website is not managed by Password Manager. Simply delete the website from the Website Exclusions list to reverse the exclusion. To remove a website from the exclusions list: click X. After adding several websites, you can: • To sort the list by website, ascending or descending, click the Website column heading. • To search within the list, enter part of the URL into the search field.
Back up and Restore Password Manager Credentials The Password Manager lets you securely back up the logon data that is managed by Password Manager. This data can be restored on any computer protected by Password Manager. NOTE: The Password Manager data that is backed up does not include operating system or Preboot Authentication (PBA) logon credentials or credential-specific information, such as fingerprints.
4 Click Next. NOTE: To view a text log of the restore operation, click the 32 Dell Data Protection | Console User Guide Password Manager icon in the title bar and select Log.
6 Glossary Credential - A credential is something that proves a person’s identity, such as their fingerprint or their Windows password. One-Time Password (OTP) - A one-time password is a password that can be used only once and is valid for a limited length of time. OTP requires that the TPM is present, enabled, and owned. To enable OTP, a mobile device is paired with the computer using the Security Console and the Security Tools Mobile app.