HP Client Security Commercial Managed IT Software Technical whitepaper
HP Client Security Technical Whitepaper
August 2016
747889-002
© Copyright 2016 HP Development Company, L.P.
HP Client Security - Application 20
“Login policy” applies to the Windows Logon. “Session policy” applies to security applications running in Windows that
leverage Credential Manager, such as Password Manager.
Figure 3 HP Client Security User Management
9.2 Policies
The Administrators Policies window shown in Figure 4 provides the ability to configure login and session policies for the
applicable user(s). The Standard Users Policies has a similar interface. Logon policies govern the credentials required to log
on to Windows. Session policies govern the credentials required to verify identity within a Windows session, such as with
Password Manager and Just In Time Authentication.
Figure 4 HP Client Security Logon & Session Policy Configuration
You can control authentication strength to increase system security by requiring user to authenticate with more than one
credential or with specific credentials only when available.
The authentication logic is as follows:
OR: User can enter either one of the two credentials to authenticate. User may select individual credentials for
authenticating, such as Password OR Fingerprint.
AND: User is required to enter both credentials to authenticate. The user may select a combination of 2 credentials for
authenticating such as Bluetooth AND PIN.
When defining a logon or session policy, a credential configured as part of the AND logic cannot be selected with the OR
logic.