| |
|
| System Requirements |
|
|
|
|
Q: |
Does
OtaniumSuite work with two SmartCard readers? |
|
A: |
Yes, OtaniumSuite will access the
reader which has the SmartCard inserted first. OtaniumSuite
will not use the other reader until the computer is restarted. |
|
|
|
|
Q: |
What
SmartCard readers does OtaniumSuite support? |
|
A: |
OtaniumSuite Pro and PKI support all PC/SC
compliant SmartCard readers. Readers must also be compatible with ISO 7816
SmartCards. All readers available from Dell (Latitude
Notebooks and SmartCard Keyboards) are PC/SC and ISO
7816 compliant. |
|
|
|
|
Q: |
What
SmartCards does OtaniumSuite support? |
|
A: |
Only SmartCards that have been licensed
for OtaniumSuite are supported. Cards are licensed as Primary
User Card or Emergency Cards. OtaniumSuite
comes with one Primary User Card and one Emergency Card. Replacement Primary
User Cards are not available; they can only be purchased
kitted with OtaniumSuite (Pro or PKI) software. To add Regular
Users, you can purchase Regular User Card and Emergency Card kits. |
|
|
|
|
Q: |
Which OS does OtaniumSuite support? |
|
A: |
OtaniumSuite Pro supports Window 98,
ME, 2000 Pro, XP Home and Pro. OtaniumSuite
PKI only supports Windows 2000, XP Pro and Home. For
best results, please obtain the latest Window Updates
from Microsoft. |
|
|
|
|
Q: |
Does OtaniumSuite run on Windows NT? |
|
A: |
OtaniumSuite v1.0 (Pro and PKI) is
not available for Windows NT. |
|
|
|
|
Q: |
What browsers does OtaniumSuite (Pro and PKI) support? |
|
A: |
Currently, only IE 5.0 and above is
supported with Auto-Logon and Auto-Fill features. For
drag-and-drop, Netscape 4.78 and above are also supported. |
|
|
| SmartCard |
|
|
|
|
|
|
Q: |
What cards come with OtaniumSuite? |
|
|
A: |
One Primary User Card and one Emergency
Card come with OtaniumSuite. |
|
|
|
|
|
|
Q: |
Does my SmartCard have a CPU? |
|
|
A: |
Yes. The Primary User Card and Regular
User Card have a CPU on card. |
|
|
|
|
|
|
Q: |
How much memory does my SmartCard
have? |
|
|
A: |
The Primary User Card and Regular
User Card have 32K bytes of memory, most of which
is available to store user data and PKI certificates. Some
of the card memory is used to manage the password,
and to store license and configuration information. |
|
|
|
|
 |
Q: |
Can
I use the same SmartCard on different systems at
the same time? |
| |
A: |
No, each SmartCard can only be used in
one system. Once you
have registered a SmartCard in another system, it will
be updated with new information and no longer recognized
in the previous system. |
| |
|
|
|
Q: |
What
can I do if my SmartCard is locked? |
| |
A: |
Go to Start>Programs>OtaniumSuite>Unlock SmartCard
to unlock your SmartCard. You need to know the Unblock
Password in order to do this. Warning: 8 failed attempts
to enter the Unblock Password will permanently lock
the SmartCard! |
| |
|
|
|
Q: |
What
is the Unblock Password for? |
| |
A: |
The SmartCard will be locked after 8 continuous failed attempts
to enter the SmartCard Password. When this
happens, you can go to Start>OtaniumSuite>Unlock
SmartCard to unlock the card. You will be prompted
for the Unblock Password. |
| |
|
|
|
Q: |
I
forgot my SmartCard Password. |
| |
A: |
The default SmartCard Password is 00000000 (eight 0’s). If
you have already changed this password and have forgotten
it, you can go to Start>OtaniumSuite>Unlock SmartCard
to change to New SmartCard Password. You will
be prompted for the Unblock Password. |
| |
|
|
|
Q: |
I
forgot my Unblock Password. |
| |
A: |
The default Unblock Password is
11111111 (eight 1’s). If
you have already changed this password and have forgotten
it, our Technical Support will not be able to help
you in this situation. Please make sure to keep your Unblock Password
in a safe place. Caution: 8 continuous failed attempts
to enter the Unblock Password will permanently
lock the SmartCard. |
| |
|
|
|
Q: |
I
have misplaced my SmartCard. How can I unlock my
computer? |
| |
A: |
At default, the option for Enable CTRL-ALT-DEL for Logon
and Unlock is selected in the OtaniumSuite Control
Center>SmartCard Options. You can unlock the
computer by pressing Ctrl-Alt-Del and then enter
your Windows username and password. However, if
this feature has been disabled, OtaniumSecure requires
the SmartCard to be inserted in order to unlock the
system. You will need to log on to Windows using
the Emergency Card and then restore the SmartCard. |
| |
|
|
|
Q: |
I
have misplaced my SmartCard. How can I log on my
computer? |
| |
A: |
There are various ways to log on to Windows without the SmartCard. |
| |
|
1. You
can log on with the Emergency Card/Diskette. To
log on using the Emergency Card, simply insert
the Emergency Card and our software will automatically
detect the card. To log on using the Emergency Diskette,
you must press Ctrl-Alt-A at the Welcome to Windows dialogbox. After
logging on, OtaniumSecure will prompt you to restore
your SmartCard. |
| |
|
2. You
can log on by pressing Ctrl-Alt-Del at the Welcome to
Windows dialogbox and then enter your Windows username
and password. |
| |
|
If you don’t have the Emergency
Card/Diskette and you have disabled the option
for Enable
Ctrl-Alt-Del to Logon and Unlockunder OtaniumSuite
Control Center>SmartCard Options, you
won’t be able to log on to Windows! Our Technical
Support will not be able to help you in this situation. Please
keep your Emergency Card/Diskette in a safe
place. |
| |
|
|
|
Q: |
How
can I purchase replacement or additional SmartCards? |
| |
A: |
One Primary User Card and one Emergency Card are
sold in the kit with the OtaniumSuite software. Customers
can contact the vendor where the product has been purchased
to request additional Regular User Cards and Emergency Cards. |
| |
|
|
|
Q: |
What
is the difference between the Primary User Card and Regular User
Card? |
| |
A: |
The Primary User Card can be used to install/re-install
OtaniumSuite while the Regular User Card cannot. |
|
|
|
|
|
|
Q: |
What
is the Emergency Card for? |
|
A: |
The Emergency Card should be stored in a safe place
and only used when the corresponding Primary User
Card or Regular User Card has been misplaced
or damaged. When this emergency situation arises,
the Emergency Card can be used to:
- Log on to Windows.
- Restore the corresponding Primary
User Card or Regular User Card when
prompted.
- The Emergency Card can
also be used to decrypt files/folders.
- Only the Emergency Card for
the Primary User can be used
to uninstall OtaniumSuite.
- The Emergency Card cannot be
used for other purposes such as unlocking the system, opening the OtaniumSuite Control Center, or opening OtaniumKey UI.
|
|
|
|
|
Q: |
Can
I create both of Emergency Card and Emergency Diskette? |
|
A: |
Yes, you create an Emergency Card and an Emergency Diskette. Both
will be valid and accepted by OtaniumSuite in case
of an emergency. |
|
| SmartCard
User Types |
|
|
|
|
Q: |
Please
explain different types of SmartCard users. |
|
A: |
In each system, you can have a Primary User and
up to 4 Regular Users. The Primary
User has a Primary User Card and Emergency
Card. The Regular User has a Regular
User Card and Emergency Card. |
|
|
|
|
Q: |
What
can the Primary User do? |
|
A: |
The Primary User can do everything from installing/un-installing
the software, logging on to Windows, opening the Control
Center, encrypting/decrypting files/folders, adding
users, to setting Time Control for regular users. |
|
|
|
|
Q: |
What
can the Regular User do? |
|
A: |
The Regular User can do everything the Primary
User can do except installing/un-installing
the software, adding users and setting Time Control
for Regular Users. |
|
|
|
|
Q: |
Why
can’t I change my status from Regular User to Primary
User? |
| |
A: |
Each system can only have up to one Primary User. The
current Primary User can change his/her
status to Regular User and while
the system does not have any Primary User,
another Regular User with
a local Administrator or Power User account
type can change status to Primary User. |
| |
|
|
|
Q: |
Why
can’t I adjust system time? |
| |
A: |
Only the Primary User can adjust system time. |
|
| OtaniumSecure |
|
|
|
|
Q: |
Can SmartCard
users or non-SmartCard users log on to Windows without the SmartCard? |
|
A: |
Yes, we preserve all Windows features and enhance them further
with our OtaniumSuite SmartCard application. After installing our software,
you still can use Ctrl-Alt-Del and provide your Windows username and
password in order to log on to Windows. This is OtaniumSecure’s default
setting. For maximum security, you can disable this Windows feature
by de-selecting the option for Enable CTRL-ALT-DEL for Logon and Unlock by
going to OtaniumSuite Control Center>SmartCard Options. |
|
|
|
|
Q: |
Can I disable
the SmartCard security feature without uninstalling OtaniumSuite? |
|
A: |
Yes, we preserve all Windows features and enhance them further
with our OtaniumSuite SmartCard application. After installing our software,
you still can use Ctrl-Alt-Del and provide your Windows username and
password in order to log on to Windows. This is OtaniumSecure’s default
setting. For maximum security, you can disable this Windows feature
by de-selecting the option for Enable CTRL-ALT-DEL for Logon and Unlock by
going to OtaniumSuite Control Center>SmartCard Options. |
|
|
|
|
Q: |
Can I disable
the SmartCard security feature without uninstalling OtaniumSuite? |
|
A: |
Yes, you can if you are the Primary User. Go
to OtaniumSuite Control Center>SmartCard Options and de-select the
option for Enable OtaniumSecure and then restart Windows. From
this point on, OtaniumSecure will not require the SmartCard to log onto
Windows or unlock the system. However, you will still be prompted for
the SmartCard and SmartCard Password to open the Control Center and encrypt/decrypt
files/folders. OtaniumKey and OtaniumEnabler are still functional as
normal since they are separate components from OtaniumSecure. |
|
|
|
|
Q: |
Can I unlock my
computer by inserting the SmartCard and without inputting the SmartCard
Password? |
| |
A: |
Yes, you can. After logging on to Windows, go to OtaniumSuite
Control Center>SmartCard Options and select the option for Auto authenticate when SmartCard is
detected. Note that to log on to Windows, however, you must enter the SmartCard Password
(2-factor authentication). |
| |
|
|
|
Q: |
Why does the OtaniumSuite
System Lock Option keep changing to “Never lock the system after Windows
logon”? |
| |
A: |
Whenever a user logs on to Windows or unlocks the system without
the SmartCard using Ctrl-Alt-Del, the OtaniumSuite System Lock Option
will automatically change to Never Lock the system after Windows logon. This
also happens after logging on to Windows using the Emergency Card. You
can go to OtaniumSuite Control Center>SmartCard Options to change
the setting back to Always require SmartCard Password for authentication or Auto
authenticate when the SmartCard is detected. |
|
| Time
Control |
|
|
|
|
Q: |
What
is Time Control? |
|
A: |
Time Control is set by the Primary User to
configure the time periods when Regular Users are
allowed to access the system. |
|
|
|
|
Q: |
Why
does the system prompt me with “Please save your data
now! Your access time will end in 15 minutes”? |
|
A: |
You are a Regular User and the Primary
User has set Timer Control for you. The system will prompt at 15, 10, 5, 1-minute intervals before logging out the current SmartCard user. |
|
| Encryption/Decryption |
|
|
|
|
Q: |
What
types of files can be encrypted by OtaniumSuite? |
|
A: |
All types of files except .exe, .bat, .dll, .com,
.ini, .sys files, all system files (in Windows and Program
Files
folders), desktop files and shortcuts, and currently
in use files if not permitted by the application that
opened them. For files on network drives, the drives
have to be mapped to the local machine first in order
to do file encryption/decryption. |
|
|
|
|
Q: |
I
have lost my SmartCard. How can I decrypt my encrypted
files? |
|
A: |
You can decrypt your encrypted files
using the Emergency Card. To do this, insert
the Emergency Card, right-click on the selected
encrypted file/folder, and then select Emergency Decrypt. |
|
|
|
|
Q: |
What
types of files can be encrypted? |
|
A: |
This is the definition of which files
can be encrypted using OtaniumSuite:
- The following file types are NOT encrypted:
.exe, .bat, .com, .dll, .ini, .sys.
- Shortcuts are NOT encrypted.
- All files in the Program Files folder
(and sub-folders) are NOT encrypted.
- All files in the Windows folder (and
sub-folders) are NOT encrypted. 'Windows' folder
refers to the installation folder for Win XP (or
Win 2000, etc.).
- In the Documents and Settings folder,
files under the Desktop folder and Start Menu folder of
the current user are NOT encrypted. Note, however, that
it is possible to encrypt all files (including shortcuts)
in the Desktop and Start Menu folders of other users,
including the All Users folders.
- All files on the Desktop (and in the
Desktop folder in Explorer) are NOT encrypted.
- Files opened (and locked for writing)
by another application, eg, Word, are NOT encrypted. Note
that certain applications, such as Notepad, do not
lock the file when it is opened; such files can be
encrypted.
- All other files can be encrypted. If a
file is Read-Only or Hidden, the user will be
prompted to confirm before encrypting the file.
|
|
| OtaniumKey |
|
|
|
|
Q: |
Why
doesn’t OtaniumKey prompt me to add the web-site to
the Auto-Logon list when I submit the login page the
first time? |
|
A: |
Verify that OtaniumKey is enabled
at System Tray by right-clicking OtaniumKey icon; the
second item should be displayed Disable. You
can log off from the web-site (or close the browser window),
and then try to logon again to the web-site so that OtaniumKey
can detect the login page. |
|
|
|
|
Q: |
Why
doesn’t OtaniumKey prompt me to Auto-Fill the web form
with my personal info? |
|
A: |
Check if OtaniumKey is enabled by right-clicking on the OtaniumKey
icon in the Windows System Tray. The second menu item
should be Disable, indicating that OtaniumKey
is currently enabled. Also, web forms must contain at
least 3 input boxes to trigger Auto-Fill in OtaniumKey. If
this still does not work, you can fill forms manually
at any time by dragging and dropping from OtaniumKey
to the web form. |
|
|
|
|
Q: |
Why
does OtaniumKey Auto-Fill in a web form with the wrong
Phone number? |
|
A: |
OtaniumKey supports this phone number format 123-1234567. It
doesn’t support phone number extension and prefix 1 |
|
|
|
|
Q: |
Why
doesn’t OtaniumKey Auto-Fill in a web form with Credit
Card Exp. date? |
| |
A: |
OtaniumKey currently doesn’t support Credit
Card Expiration Date. |
| |
|
|
|
Q: |
Why
doesn’t OtaniumKey Auto-Fill in my Credit Card holder
name and number? |
| |
A: |
Make sure you have selected the checkbox for Primary CreditCard in
OtaniumKey. |
| |
|
|
|
Q: |
Why
doesn’t OtaniumKey Auto-Fill in some data that MyInfo
has? |
| |
A: |
OtaniumKey doesn’t work with Combo box,
list box, Radio buttons, Checkbox, and TextArea currently. |
| |
|
|
|
Q: |
Why
doesn’t OtaniumKey Auto-Logon and Auto-Fill in feature
work at all? |
| |
A: |
Currently OtaniumKey only supports Auto-Fill
in IE 5.0 and above. Also check if OtaniumKey is enabled. We currently
support over 90% for live web-sites; however, Auto-Fill
doesn’t work with some web-sites due to their custom
designs. |
| |
|
|
|
Q: |
Why
doesn’t OtaniumKey import/export Contacts to/from MS
Outlook? |
| |
A: |
Currently OtaniumKey only supports MS Outlook 2000/XP, not
Outlook Express. |
| |
|
|
|
Q: |
OtaniumKey
keeps prompting me to Auto-Fill forms which I don’t
want to. |
| |
A: |
Disable OtaniumKey temporarily by right-clicking on the
OtaniumKey icon in the Windows System Tray. The second
menu item should be Enable, indicating that OtaniumKey
is currently disabled. |
| |
|
|
|
Q: |
What
should I do if I had changed my Username or Password
for a web-site? |
| |
A: |
Since OtaniumKey won’t automatically update, you can manually
edit the stored web-site’s username or password in OtaniumKey,
or delete the record from OtaniumKey web-site list, and
OtaniumKey will prompt you to save the (new) username/password
to the web-site list the next time you log on to this
web-site. |
| |
|
|
|
Q: |
Why
doesn’t OtaniumKey automatically take me to the selected
Start Page? |
| |
A: |
Auto-logon currently only supports login forms with two input boxes and ignores the third field that is normally used to select the default Start Page. You will have to manually select where to go next after OtaniumKey has auto-logged on to the account. |
| |
|
|
|
Q: |
Why
does OtaniumKey only fill in my account’s Username
and Password, but not automatically submit the login
page to the web-site? |
| |
A: |
Due to custom designs of some web-sites and to permit you
to log in with an alternate username, you must click
the Login button to complete the login process. |
| |
|
|
|
Q: |
Can
I record two accounts with the same web-site? |
| |
A: |
No. Our design only allows one account for each web-site. |
| |
|
|
|
Q: |
How
can I manually fill in Web Forms when OtaniumKey is
disabled? |
| |
A: |
You can open the OtaniumKey UI, simply click the mouse cursor inside
a field in OtaniumKey containing the desired information, press and hold the left mouse button and drag the cursor to the target text box to fill in the content (drag-and-drop). This function supports IE5.0 and above, Netscape 4.78 and above. |
| |
|
|
|
Q: |
Does disabling
OtaniumSecure affect OtaniumKey? |
| |
A: |
No. OtaniumKey works independently of whether OtaniumSecure
is enabled or disabled. |
|
|
| OtaniumEnabler |
|
|
|
|
Q: |
What is a Playlist? |
|
A: |
Each SmartCard user can have his/her
own list of URLs and media files. |
|
|
|
|
Q: |
When
does the playlist launch? |
|
A: |
The item, URL or media file, in the corresponding playlist
will automatically launch/play when a SmartCard is
inserted. You can press F12 to go to the next
item on the playlist. |
|
|
|
|
Q: |
OtaniumEnabler
does not automatically launch/play the first item on
the playlist when I insert my SmartCard into the reader. |
|
A: |
You
must select the option for Enable OtaniumEnabler inside
OtaniumEnabler UI, and set Never lock the system after
Windows logon in OtaniumSuite Control Center>SmartCard
Options. |
|
|
|
|
Q: |
Does disabling OtaniumSecure
affect OtaniumEnabler? |
| |
A: |
No. OtaniumEnabler works independently of whether OtaniumSecure
is enabled or disabled. |
|
| OtaniumCertificate |
|
|
|
|
Q: |
What is PKI? |
|
A: |
PKI is the acronym for Public Key Infrastructure. The technology
is called Public Key because unlike earlier forms of cryptography it works with a pair of keys. One of the two keys may be used to encrypt information, which can only be decrypted with the other key. One key is made public and the other is kept secret. The secret key is usually called the Private Key. Since the Public Key is generally made available to anyone, users may initiate secure communications without having to previously share a secret through some other medium with their correspondent. The Infrastructure is the underlying systems needed to issue keys and certificates and to publish the public information. |
|
|
|
|
Q: |
What does the OtaniumCertificate
component do? |
|
A: |
OtaniumCertificate can save your Private Key in the card. You can use the key to:
- Log on to Windows
- Send secure email.
- Digitally sign emails.
- Digitally sign documents (Office XP)
- Authenticate yourself to Internet web-sites.
The Certificate Manager under OtaniumSuite
Control Center>SmartCard Options provides some certificate
management features such as View, Export to Windows,
Delete, and Clear All. |
|
|
|
|
Q: |
Installing
certificate fails. |
|
A: |
For best results, we recommend
a maximum of 4 certificates to be stored on the card. Go
to the OtaniumSuite Control Center>SmartCard Options>Certificate
Manager and verify that you are not exceeding this
recommended maximum. You can delete one or clear
all before applying for a new certificate.
Caution: Your SmartCard (Primary User
Card and Regular User Card) can store
up to 4 digital certificates with 1024-bit private
keys. Do not attempt to exceed these limits, or
you may accidentally delete required certificates
from the SmartCard. |
|
|
|
|
Q: |
How
do I log on using a SmartCard Logon Certificate stored
on the SmartCard? |
| |
A: |
Your network must be PKI-enabled to
support SmartCard Certificate Logon. Check for the
following:
- Do you have an account on this domain?
- Does this domain server have a certificate
service installed, such as Microsoft Certificate Services?
- Have you requested and installed a SmartCard
Logon Certificate onto the SmartCard?
After you have answered yes to all of the questions above,
remove the SmartCard from the reader, log off from
Windows, and at the Welcome to Windows dialogbox select
the option for Use SmartCard Certificate Logon. Then insert your SmartCard. You should be able to log on to the PKI
server using the SmartCard Logon Certificate stored
on the SmartCard. |
| |
|
|
|
Q: |
When
removing a SmartCard User, will OtaniumSuite clear
all information on the card? |
| |
A: |
OtaniumSuite only erases all user
information and does not clear the SmartCard Password
and the certificates stored on the SmartCard. To clear
all certificates, go
to the OtaniumSuite Control Center>SmartCard Options>Certificate
Manager. All existing certificates will be displayed. At
this point, you can click Clear All to delete
them. Note: Remember to delete all your certificates
if you are re-assigning your SmartCard to someone else. |
| |
|
|
|
Q: |
Can
I store multiple Windows logon User Ids on my SmartCard? |
| |
A: |
Each card can store one Windows UserID/Password/Domain
logon credential and one SmartCard Logon digital certificate
credential; the two can represent different users on
the same or different domains. So each user can use
his SmartCard for two different identities in Windows. |
| |
|
|
|
Q: |
Can
I use OtaniumSuite PKI certificates with Microsoft
applications, such as IE and Outlook? |
| |
A: |
Yes, you can, as long as the application
supports CSP or PKCS #11 standards for digital certificates. |
| |
|
|
|
Q: |
Can
I use OtaniumSuite PKI certificates with Netscape applications,
such as Netscape Messenger and Navigator? |
| |
A: |
Yes, you can, as long as the application
supports CSP or PKCS #11 standards for digital certificates. |
| |
|
|
|
Q: |
Does
OtaniumSuite PKI work in an Entrust environment? |
| |
A: |
Yes, OtaniumSuite PKI is Entrust ready. However,
you will need a SmartCard with additional memory. Please
contact 360 Degree Web Sales at sales@360degreeweb.com. |
|
