PortalGuard Desktop

This section describes known issues with the optional PortalGuard Desktop product and its components.

PassiveKey

1) Use of the toolbar from multiple workstations is not directly supported. Performing enrollment on a workstation invalidates the enrollment data on all other previously enrolled workstations. PassiveKey authentication is only possible on the last workstation the user has logged into.

The workaround for this issue is to copy users’ PassiveKey enrollment data using either a login script or Active Directory Roaming profiles. The PassiveKey enrollment data is in “%APPDATA%\PortalGuard Desktop\TTT” folder by default and all files in that folder must be copied.

2) Only 32-bit versions of Microsoft Internet Explorer are currently supported.

3) PassiveKey initialization time is relatively slow in Internet Explorer (~2 seconds). This does cause the add-on to be flagged by IE 9 and up which prompts the user to potentially disable it. This prompt will only appear once.

4) The PortalGuard Desktop MSI will only detect “machine-wide” installs of Google Chrome & Mozilla Firefox - not “per user” installs.

5) Both Google Chrome and Mozilla Firefox no longer allow fully automated/silent administrative install of extensions. These new security “features” now notify the user that a new add-on has been installed and asks them to enable it. If the user does nothing, the add-on remains disabled. Microsoft Internet Explorer does not have this behavior. The Firefox notification is impossible for users to miss in contrast to the Chrome notification which shows a small “extension” overlay image on the Settings button. Screenshots for both browsers are shown below:

Mozilla Firefox Prompt After PassiveKey Install

Google Chrome Prompt After PassiveKey Install