Authentication with client security solution – Lenovo ThinkVantage (Client Security Solution 8.21) User Manual

2. The Windows Vista logon screen may only show one “tile, or button, for fingerprint logon, although

either fingerprint sensor can be used to log on.

Alternatively, to support logon with either the fingerprint keyboard or the integrated fingerprint device, the
Client Security Solution logon interface can be used instead of the fingerprint software logon interfaces.
However, capability is only available in Client Security Solution 8.21 or later.

If using the Client Security Solution logon interface, the fingerprint software logon interfaces should be
disabled from the “Settings” option in the respective fingerprint software application. The Client Security
Solution logon interface can be enabled via the Client Security Solution application in the Start Menu.
The option for configuring the Client Security Solution logon interface can be found by selecting Manage
security policies from the Client Security Solution application Advanced menu.

Authentication with Client Security Solution

Note: The following information applies only to Client Security Solution 8.21 and later. Previous versions
of Client Security Solution do not support the use of the integrated fingerprint device with the fingerprint
keyboard.

When performing an action with Client Security Solution that requires fingerprint authentication, such as
auto-filling a password into a Web site with Password Manager, users must swipe a finger on the fingerprint
keyboard, if it is connected, when prompted. Swipes on the built-in fingerprint device will be ignored if the
fingerprint keyboard is connected. If the fingerprint keyboard is not connected, the integrated fingerprint
sensor must be used.

A registry setting is available to require users to use the built-in fingerprint sensor for authenticating with
Client Security Solution. If this registry entry is set, fingerprint authentication with Client Security Solution
must be done with the built-in sensor, and swipes from the fingerprint keyboard will be ignored.

The registry entry is as below:

[HKLM\Software\Lenovo\TVT Common\Client Security Solution]
REG_DWORD "PreferInternalFPSensor" = 1

The default value of the above registry entry is 0, when fingerprint authentication with Client Security Solution
must be done with the fingerprint keyboard, and swipes on the built-in fingerprint device will be ignored.

This setting may also be changed by using the Client Security Solution Administrative Template file with
group policies for Active Directory.

Notes:

1. When the BIOS setting for “Reader Priority” is set to “Internal only”, it is recommended to set the

registry entry to 1. It will enable authentication with Client Security Solution to simulate the setting
for BIOS pre-desktop authentication.

2. The BIOS setting and this registry setting are independent.

Appendix B. Special considerations for using the Lenovo Fingerprint Keyboard with some ThinkPad notebook models

71