User's Manual
Table Of Contents
- ePass2003
- User Guide
- Chapter 1 RunTime Installation
- Chapter 2 ePass2003 Token Manager
- Chapter 3 Windows PIN Management
- 3.1 Overview
- 3.2 EnterSafe Minidriver PIN Management for Windows
- 3.2.1 Changing a User PIN
- 3.2.2 Unblocking EnterSafe Minideriver
- 3.2.2.1 Example Unblock Procedure
- 3.2.2.2 Unblocking a Smart Card with Windows 2000, XP or Server 2003
- 3.2.2.3 Unblocking a Smart Card with Windows Vista, 2008 and Windows 7
- 3.2.2.3.1 Enabling Unblock Card with Windows Vista, 2008 and Windows 7
- 3.2.2.3.2 Unblocking a Smart Card with Windows Vista, 2008 and Windows 7
- 3.2.2.4 Administrator Tools for Card Unblock
- Appendix: Terms and Abbreviations
ePass2003 User Guide
Chapter 3 Windows PIN Management
3.1 Overview
EnterSafe Minidriver is a new smart card minidriver developed by EnterSafe according to Microsoft Windows
Smart Card Framework.
The new Windows smart card architecture leverages the fact that the cryptography required in common at the top
is separate from the unique smart card hardware interfaces at the bottom. Windows now has a simple smart card
interface layer, called smart card minidriver, which leverages common cryptographic components now included in
the Windows platform.
The cryptography for smart cards has been implemented both in the legacy Cryptography API as well as the
Cryptography API Next Generation (CNG) in Microsoft Windows Vista™ and 2008. The CSP implementation for
CAPI is called the Microsoft Base Smart Card Cryptographic Service Provider, and the CNG implementation is called
the Microsoft Smart Card Key Storage Provider. The Base CSP is not supported natively in those legacy Operating
Systems, but it is available as Microsoft Windows Update # KB909520.
Base CSP and KSP provide the common software cryptographic portions, while the minidriver of a given smart
card compliant with this architecture simply plugs in to provide access to the hardware and software of that
particular smart card.
From an application developer perspective, the Base CSP, KSP and Minidriver interfaces provide a common way to
access smart card features, regardless of the card type.
For users, the new architecture includes support for all preexistent smart card scenarios, and it also provides new
tools for the management of the Personal Identification Number (PIN).
3.2 EnterSafe Minidriver PIN Management for Windows
3.2.1 Changing a User PIN
Generally, the User PIN is a password used to protect the data on the token. If a user operation (Windows logon,
email signature, email encryption, VPN access, etc.) should access the Private Memory, the user will be asked for a
User PIN.
It is recommended that users should often change their PIN to better protect the data on the token. In order to
allow users to change the value of their PIN, several interfaces are available to do so in Windows Vista/2008 and in
Copyright © Feitian Technologies Co., Ltd.
Website: www.FTsafe.com
28