McAfee shield icon permanently overlaid on the Windows credential provider logon tile after installation
Last Modified: 2023-04-12 11:29:56 Etc/GMT
Technical Articles ID: KB85634

Environment
Drive Encryption (DE) 7.x
Microsoft Windows

For environment information, see KB79422 - Supported platforms for Drive Encryption 7.x.

Summary
After you upgrade DE and enable Single Sign On (SSO), Windows users observe a new McAfee shield icon. This icon is overlaid on the user's logon picture on the Windows Welcome screen and appears as follows:
Previous versions of DE display this icon only the first time the user logs on after enabling SSO. Turning off SSO removes the shield icon. The DE credential provider now monitors all logons, not just the first logon. The shield icon denotes that DE tries to capture logons through that credential for SSO or password synchronization.
The following is an excerpt from the

Under the "New Features" section

"Detect and notify of password changes in Windows Active Directory
Drive Encryption users and Windows users are two separate entities, so changing a password in preboot changes the DE password only. Password changes made on an endpoint can be captured via DE and synchronized to the DE user. But, Windows password changes made within Active Directory can't be synchronized to the related DE user. DE 7.1.3 can be configured via ePO policy to detect when a user’s password changes in Active Directory. Then when the event happens, a pop-up notification requests that the logged in user Lock (Win+L) and Unlock their screen. The action allows DE to capture the (new) Windows password and synchronize it to the DE password. This synchronization allows the user to log on through preboot with their (new) Windows password. The introduction of this feature also adds the benefit of capturing SSO data for all logons, including screen unlocks. Otherwise, SSO data is captured for only the first logon after the system is turned on. The combination of these two features makes sure that DE user passwords remain synchronized with Windows passwords always."

Under the "Enhancements" section

"Ignore DE password rules during password sync for Single Sign On (SSO)
Making sure that Windows and Drive Encryption passwords remain synchronized can be a challenge for some customer real-world deployments. Also, when password changes take place, to manage and message users can present additional overhead. Before DE 7.1.3, the password synchronization from Windows to DE silently fails if the Windows password doesn't meet the criteria as defined in the DE User-Based Policy. With this release, DE introduces the ability to ignore the User-Based Policy password settings when synchronizing passwords from Windows to DE. This ability helps to reduce password synchronization issues and help desk calls."

The above is expected behavior and there's no policy option to disable this feature.

To submit a new product idea, go to the Enterprise Customer Product Ideas page.
Click Sign In and enter your ServicePortal User ID and password. If you do not yet have a ServicePortal or Community account, click Register to register for a new account on either website. For more information about product ideas, see KB60021 - How to submit a Product Idea.