Single Sign-On (SSO) technology allows you to automatically log into the operating system using the credentials of the Authentication Agent.
When using Single Sign-on technology, the Authentication Agent ignores the password strength requirements specified in Kaspersky Security Center. You can set the password strength requirements in the operating system settings.
Single Sign-On technology is incompatible with third-party providers of account credentials.
Open the Kaspersky Security Center Administration Console.
In the Managed devices folder in the Administration Console tree, open the folder with the name of the administration group to which the relevant client computers belong.
In the workspace, select the Policies tab.
Select the necessary policy and double-click to open the policy properties.
In the policy window, select Data Encryption → Common Encryption Settings.
In the Password settings block, click the Settings button.
In the window that opens, on the Authentication Agent tab, select the Use Single Sign-On (SSO) technology check box.
Save your changes.
As a result, the user needs to complete the authentication procedure only once with the Agent. The authentication procedure is not required for loading the operating system. The operating system loads automatically.
In the main window of Web Console, select Devices → Policies and profiles.
Click the name of the Kaspersky Endpoint Security policy for computers on which you want to enable use of Single Sign-On.
The policy properties window opens.
Select the Application settings tab.
Go to Data Encryption → Full Disk Encryption.
Select the Kaspersky Disk Encryption technology and follow the link to configure the settings.
The encryption settings open.
In the Password settings section, select the Use Single Sign-On (SSO) technology check box.
Click OK.
As a result, the user needs to complete the authentication procedure only once with the Agent. The authentication procedure is not required for loading the operating system. The operating system loads automatically.
For Single Sign-On to work, the Windows account password and the password for the Authentication Agent account must match. If the passwords do not match, the user needs to perform the authentication procedure twice: in the interface of the Authentication Agent and before loading the operating system. After that, Kaspersky Endpoint Security replaces the password of the Authentication Agent account with the password of the Windows account.