HP 2230s - Compaq Business Notebook Manuallines
Password localization guidelines
Hide thumbs
Also See for 2230s - Compaq Business Notebook:
- Maintenance and service manual (130 pages) ,
- Multimedia user manual (49 pages) ,
- Hardware manual (32 pages)
Advertisement
Quick Links
HP Business Notebook
Password Localization
Guidelines
November 2009
Table of Contents:
1.
Introduction........................................................................................................2
2.
Supported Platforms.............................................................................................2
3.
Overview of Design..............................................................................................3
4.
Supported Keyboard Layouts in Preboot and Drive Encryption.......................................3
5.
HP ProtectTools Security Manager Filter Logic.............................................................6
6.
How Preboot BIOS Implements the Password Filter And Handles Dead Keys......................7
7.
Exceptions..........................................................................................................8
8.
What to do when a password is rejected..................................................................12
V1.0
Advertisement
Related Manuals for HP 2230s - Compaq Business Notebook
Summary of Contents for HP 2230s - Compaq Business Notebook
-
Page 1: Table Of Contents
HP Business Notebook Password Localization Guidelines V1.0 November 2009 Table of Contents: Introduction…………………………………………………………………………………………..2 Supported Platforms………………………………………………………………………………...2 Overview of Design……………………………………………………………………………..3 Supported Keyboard Layouts in Preboot and Drive Encryption…………………………………3 HP ProtectTools Security Manager Filter Logic……………………………………………….……6 How Preboot BIOS Implements the Password Filter And Handles Dead Keys……………….…7 Exceptions………………………………………………………………………………………….…8 What to do when a password is rejected…………………………………………………...……12 ... -
Page 2: Introduction
Introduction HP has implemented the One Step Logon feature on its 2008 and newer commercial portable computers. The HP ProtectTools Security Manager wizard enables various security levels to protect the computer system and the data. The security levels that can be set are: ... -
Page 3: Overview Of Design
Overview of Design The goal of the HP ProtectTools implementation is to use password filters to reject passwords that might lock out a user at the Preboot BIOS level or Drive Encryption level. The ProtectTools Security Manager will be responsible to reject a user password at setup or password change time. A password can be acceptable for the Windows password, but if allowed may cause a lock out at Preboot BIOS or Drive Encryption level. These passwords will therefore be rejected by the HP ProtectTools password filter. The BIOS Preboot and Drive Encryption each preloads tables of key mapping from Scan Code to Unicode based on the supported keyboard layout. (see table Figure ‐1 below). When the user enters the password before OS starts, the BIOS or the Drive Encryption software will convert the key strokes to the correct Unicode based on key mapping tables and then compare the password with the one stored. The ProtectTools Security Manager will pass the keyboard layout information to BIOS Preboot and Drive Encryption. In addition, the BIOS Preboot and Drive Encryption may implement additional methods to assist password entering. E.g. In 2008 Business Notebook BIOS, a soft keyboard will be loaded to enter glyphs directly with the mouse instead of pressing a key on the keyboards if a user fails to type their password correctly. The Drive Encryption software allows the user to dynamically load the keyboard layouts. Supported Keyboard Layouts in Preboot and Drive Encryption The Preboot BIOS and Drive Encryption support a subset of Windows’ keyboard layouts due to space and other limitations. Below is a list (Figure 1) of supported keyboards in Preboot and Drive Encryption. In some cases, the common name for a particular keyboard layout differs in Windows Vista from the HP designation. In order to clarify, we provide both names. ... - Page 4 HP Keyboards Common Name in Code (hex) Microsoft Windows Vista Arabic (101) Arabic (101) 0401 Belgian (Comma) Belgian (Comma) 1080c Canadian French Canadian French 0c0c (Legacy) (Legacy) Canadian French Canadian French 1009 Chinese Bopomofo Chinese (Traditional) - US 0404 Keyboard Chinese ChaJei Chinese (Simplified) - US 0804...
- Page 5 HP Keyboards Common Name in Code (hex) Microsoft Windows Vista Norwegian Norwegian 0414 Polish Polish (Programmers) 0415 (Programmers) Polish (214) Polish (214) 10415 Portuguese Portuguese 0816 Portuguese Portuguese (Brazilian 0416 (Brazilian) ABNT) Romanian Romanian (Legacy) 0418 Slovakian Slovak 041b Slovenian Slovenian 0424 Spanish...
-
Page 6: Hp Protecttools Security Manager Filter Logic
HP ProtectTools Security Manager Filter Logic In order to prevent a lock out situation, the first level of defense is implemented by the HP ProtectTools Security Manager. It installs a password filter to reject those Windows passwords that may possibly cause a lock out in Preboot BIOS or Drive Encryption. 6 ... -
Page 7: How Preboot Bios Implements The Password Filter And Handles Dead Keys
How Preboot BIOS Implements the Password Filter And Handles Dead Keys The HP BIOS implements a second level password filter to further prevent the lock‐out situation. HP BIOS Preboot and HP Drive Encryption contain the keyboard mappings for all the supported keyboards listed above. When a user is setting up Preboot Security with the BIOS Preboot or Drive Encryption levels enabled, or when a user changes his/her password, the BIOS Preboot and Drive Encryption receives the Unicode password from the OS. The BIOS is responsible to guarantee that the keyboard being associated with that user is able to type the password. Otherwise, the BIOS will reject the password. However, there still may be an instance where the user changes the keyboard in Windows without the BIOS’s knowledge or when the user is not aware of the keyboard layout currently in use. To compensate for the situation where the user may not be able to physically type their password due to these two situations, the BIOS will automatically provide the user the ability to “click” out her/his password after failing with the physical keyboard. This is done by showing every character on the screen that could be typed with the keyboard currently associated with the user, each of them as buttons and which can be clicked with the mouse to form the password. This method provides a way for the user to enter the password without the physical keyboard. (Please note: When using the “On‐Screen Keyboard” in the BIOS, there are many characters shown and some characters may look very similar to others on some keyboards. If experiencing trouble using this feature, so please look at all of the characters before clicking out your password to ensure you are entering the correct characters.) In the BIOS, the use of Dead Keys has also been added to try to provide the user with as much keyboard functionality as possible. If for some reason a certain character is produced on the OS level that cannot be typed in the BIOS, this will cause the password change to be rejected. Unless rejected, the user should feel safe and confident in using Dead Keys for passwords associated with the Preboot Security feature. ... -
Page 8: Exceptions
Exceptions Windows IME is not supported at the Preboot Security Level and the HP Drive Encryption Level In Windows, the user can choose an IME (Input Method Editor) to enter complex characters and symbols, such as Japanese or Chinese characters, by using a standard western keyboard. The IME is not supported at Preboot and HP Drive Encryption level. Windows password entered with IME may not be entered at the Preboot or HP Drive Encryption level and may result in a lockout situation. In some cases, the Microsoft Windows doesn’t display the IME when user enters password. For example, for some Japanese installations of Windows XP, the default IME is called the “Microsoft IME Standard 2002” for Japanese , which actually translates as keyboard layout E0010411. However, this is an IME and not a keyboard layout (the keyboard layout coding scheme is simply preserved by Microsoft for IMEs, which themselves extend the concept of a keyboard layout). Since this is not a keyboard layout that can be represented in the typing environment for the BIOS Preboot password prompt or the Drive Encryption password prompt, any password typed with this IME is rejected by ProtectTools. The solution is to switch to a supported keyboard layout, such as Microsoft IME for Japanese or the Japanese keyboard layout itself, both of which translate to keyboard layout 00000411 (despite its “IME” designation in the former case). Another “IME” that actually translates to keyboard layout 00000411 is the “Office 2007 IME” for Japanese . ... - Page 9 Password change on different keyboard layouts may have potential issues If the password is initially set with one keyboard layout – e.g. US English (409) and then the user changes the password using a different but also supported keyboard layout – e.g. Latin American (080A), the password change will work in Drive Encryption but will fail in BIOS if the user uses characters which exist on the latter (say ē) but not on the former. Note: this issue is worked by the dev team and maybe fixed in the later release. A simple solution to this problem is to remove the user in question from HP ProtectTools by running the HP ProtectTools Manage Users application to remove the user from HP ProtectTools. Then, it is possible to run the Getting Started wizard again for the same user, ensuring that the desired keyboard layout is selected in the OS prior to running the wizard. This way, the BIOS stores the desired keyboard layout, and passwords that can be typed on this keyboard layout will be properly set in the BIOS. Another potential issue is the use of different keyboard layouts that can all produce the same characters. For example, both the U.S. International keyboard layout (20409) and the Latin American keyboard layout (80A) can produce the character, é, though different keystroke sequences might be required. If a password is initially set with the Latin American keyboard layout, then the Latin American keyboard layout is set in the BIOS, even if the password is subsequently changed using the U.S. International keyboard layout. Special Key Handling Chinese, Slovakian, Canadian French, Czech, Korean When a user selects one of the above keyboard layouts and enters a password (e.g. abcdef), the same password has to be entered with a shift key for lower case and the shift key and cap key for upper case in Preboot ...
- Page 10 Characters Not Supported Windows BIOS Drive Arabic Encryption keys keys , أل , إل ال , أل , إل ال generate two generate one keys , أل , إل ال characters character generate one character Windows BIOS Drive Encryption French Canadian ç, è, à, é...
- Page 11 Windows Czech The ğ key is rejected The į key is rejected The ų key is rejected The ė ı ż keys are rejected The ģ ķ ļ ņ ŗ keys are ...
-
Page 12: What To Do When A Password Is Rejected
(Unsupported characters are listed above). Then the user can go through the HP ProtectTools Security Manager wizard again to enter the new Windows password. © 2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
Need help?
Do you have a question about the 2230s - Compaq Business Notebook and is the answer not in the manual?
Questions and answers