Since installing Symantec Encryption Desktop (formerly known as PGP Whole Disk Encryption) 10.2 MP5 and above (includes all Symantec Encryption Desktop 10.3.x clients), it is now necessary to select a user icon in order to login to Windows after a system has been locked, hibernated or to change a Windows passphrase.
Symantec Drive Encryption (formerly known as PGP Whole Disk Encryption or PGP WDE) incorporates a Single Sign-On (SSO) feature into the product such that only one login is necessary to boot up and login to Windows once the system is encrypt with Symantec Drive Encryption.
Once a system is encrypted with Symantec Drive Encryption, a Pre-Boot environment is added called BootGuard (Symantec Drive Encryption preboot screen) where a user's Windows passphrase needs to be entered. Once the passphrase is successfully entered at BootGuard, the system will then boot up and load the operating system. It will automatically login to the users Windows profile.
If a non-SSO user is used, then it is necessary to authenticate with the passphrase at BootGuard. At the Windows Logon Screen the user needs to enter the credentials to log into Windows.
Symantec Encryption Desktop 10.2 MP5 and above change the behavior slightly--when using the SSO functionality and the system is locked or if a user changes his/her passphrase (using the ctrl+alt+del keystroke) or if the system comes out of hibernation. The Symantec Drive Encryption SSO functionality integrates into the CredentialProvider code of the Windows login process.
Due to this integration into Credential Provider, the new behavior requires the user to click on the user icon before it is possible to enter the Windows passphrase to unlock the machine. This may pose an inconvenience for the user.
A Feature Request was submitted to revert the behavior prior to when this change was made. Support has worked directly with Product Management and has determined this feature will not be included at this time. Please subscribe to this article for any updates. To be added to this Feature Request, please contact support who will track specific customer requests therein.