21.16 USBKey Management
Encrypted USBKeys serve as tools to elevate user encryption permissions. Inserting an encrypted USBKey into a client machine enables changes to encryption permissions.
Navigate to Document Security Management → USBKey Management to save USBKey information and manage these USBKeys.
Note:
- USBKey functionality is supported only on Windows clients. Mac and Linux clients are currently not supported.
21.16.1 Registration
An encrypted USBKey must be registered before it can be used. There are two registration methods:
Local Registration
Insert the encrypted USBKey into the console machine. Navigate to Document Security Management → USBKey Management to open the USBKey library. Select Operation → Local USBKey Information to view the USBKey details. Select the USBKey, click the 
button,choose Register, enter the registration information, and then click the 
button to save.
Remote Registration
Insert the encrypted USBKey into a remote client machine. From the console, open the USBKey library and select Operation → Remote USBKey Information. In Remote Client, choose the client with the inserted USBKey to view its details. Select the USBKey, click the button, choose Register, enter the registration information, and then click the button to save.
The information required for registration includes:
| Option |
Description |
| General |
Optional general record information. |
| Device ID |
Displays the device ID; cannot be modified. |
| Valid Until |
By default unchecked, meaning no expiration. If checked and a date is specified, the USBKey will expire after this date and become unusable. |
| USBKey Category |
The category under which the USBKey is registered. |
| Remarks |
Records information about the USBKey user, including device number, department, user, position, contact info, and additional notes. |
| Function Permissions |
Permissions granted by this USBKey; when used, the client’s current permissions are combined with the USBKey permissions. |
| Online Encryption Permission |
If the client is offline, it still inherits the online encryption permissions from the USBKey. |
| Direct Decryption Permission |
Permission to directly decrypt documents. |
| Direct External Sharing Permission |
Permission to directly share documents externally. |
| All Security Areas and Levels |
Grants permission for all security areas and levels. |
| Usage Scope |
Specifies the computers and users allowed to use this USBKey. |
21.16.2 Basic Operations
Descriptions of operations for local USBKey information:
| Icon Button |
Description |
 |
Refresh the local USBKey list. |
|
Save USBKey information to the classification library. |
 |
Operations related to USBKey data and password. |
| Reset Password |
Reset the USBKey s usage password to the initial password, which is set under Operations -> USBKey Password Settings. For locked USBKeys, resetting the password also unlocks the device. |
| Reset Data |
To prevent USBKey forgery, each registered USBKey has a unique random number. Unauthorized operations may cause a mismatch with the server, making the USBKey unusable. Reset Data restores the registered random number. |
| Restore Factory Settings |
Restore the USBKey to its original factory settings. A USBKey restored to factory settings can be registered on another server. |
|
AnySecura USBKey Registration Operations |
| Register |
Register the USBKey. |
| Disable |
After successful registration, the USBKey is enabled by default. Disabling it will make the USBKey unusable. |
| Enable |
Re-enable a disabled USBKey to restore normal use. |
| Modify Registration Info |
Modify general information, permissions, and usage scope entered during registration. |
| Delete |
Delete the USBKey from the library. The next time it is inserted, it will be treated as unregistered. |
| Auto Update ID |
When checked, a USBKey using an old ID will update automatically. If unchecked, a prompt will appear to choose whether to update. Default is unchecked. |
Note:
- The operations for remote USBKey information are similar.
- Restoring factory settings can only be performed on local USBKey information.
USBKey Properties
The properties of a USBKey include:
| Property Name |
Description |
| Device ID |
The ID information of the USBKey. |
| Registration Status |
Status options:
Unregistered: The USBKey is not registered and cannot be used.
Authorized: The USBKey is registered and can be used.
Disabled: The USBKey is disabled and cannot be used.
Expired: The USBKey has expired and cannot be used.
|
| Usage Scope |
Computers and users authorized to use the USBKey at registration. |
| Permissions |
Functional permissions assigned to the USBKey during registration. |
| Expiration Date |
The expiration date set for the USBKey at registration. |
| First Registration Time |
The first time the USBKey was registered. |
| Last Modification Time |
The last time the USBKey’s registration information was modified. |
| Last Operation Time |
The last time the USBKey was used. |
| Last Operating Computer |
The computer that last used the USBKey. |
| Remarks |
Notes set for the USBKey during registration. |
| Device Name |
The name assigned to the USBKey at registration. |
| Device Number |
The number assigned to the USBKey at registration. |
| Department |
The department the USBKey belongs to, set during registration. |
| Device User |
The name of the user assigned to the USBKey. |
| Position |
The position of the USBKey’s assigned user. |
| Contact Information |
Contact details of the USBKey’s assigned user. |
| View Usage |
Right-click a USBKey entry and select "View Usage" to see its usage details. |
21.16.3 Security Settings
USBKey Password Settings
Open the USBKey library and select "Operations -> USBKey Password Settings" to manage USBKey passwords.
The settings are described as follows:
| Setting |
Description |
| Initial Login Password |
When resetting the password, it will revert to the initial login password, which is 123456 by default. |
| Require Password Change on First Login |
If checked, the user must change the password on the first login with this USBKey. |
| Password Error Limit |
If checked and a maximum error count is specified, the USBKey will be locked after reaching the limit of incorrect password attempts. Locked USBKeys cannot be used and require a password reset to unlock. |
USBKey ID Settings
The ID acts as a usage credential for the USBKey. Each USBKey comes with a default ID from the factory, which the server also distributes to clients. The USBKey can only be used on a client if its ID matches the client’s stored ID; otherwise, it cannot be used.
On the server machine, log in to the console, open the USBKey library, and select "Operations -> USBKey ID Settings" to manage USBKey ID usage.
The functions of the buttons are as follows:
| Button |
Description |
| Modify |
Modify the USBKey ID. In the settings interface, you can choose to use the default ID or a custom ID, which can be either manually entered or randomly generated. |
| Backup |
Backup the custom ID. |
| Import |
Import a previously backed-up ID. |
If you do not want to use the default USBKey ID, you can change it to a custom ID. After modification, the USBKey will use the new ID, and the server will synchronize it to the client to ensure the client always has the latest ID.
After changing the ID, other USBKeys that have not been updated cannot be used on clients with the latest ID. You can update USBKey IDs in the console under either local or remote USBKey information.
Note:
- The ID Settings menu is not available when logging into the console from machines other than the server.
21.16.4 Log Viewing
In the USBKey library, select a USBKey, right-click, and choose "View Usage" to see its operation logs, including USBKey registration, modification of registration information, deletion, insertion, and removal.
To view logs for all USBKeys, go to the USBKey library and select "Operations -> USBKey Operation Logs."
21.16.5 Offline Use
For offline client machines, only the USBKey authorization information saved before going offline can be used. Any USBKey registered or with modified permissions after the client goes offline cannot be used on that client.
In this case, the administrator can select "Operations -> Export USBKey Authorization File" in the USBKey library to export the authorization file and send it to the client for import.
Don't see what you're looking for?
