How Drive Encryption controls the Windows logon mechanism

Drive Encryption intercepts the Windows logon mechanism using a Passthrough Shim Gina on Windows 2003 and Windows XP, and a Credential Provider on Vista.

On Windows 2000 and XP operating systems, a custom .ini file (EPEPCGINA.INI) helps Drive Encryption analyze the logon page and port the credentials into the correct boxes on the logon page. In Windows Vista, Microsoft has replaced the original MSGINA (Graphical Identification and Authentication) with a new method called Microsoft Credential Provider.

Drive Encryption supports the Single Sign On architecture and implements a Credential Provider to communicate with Windows. Drive Encryption displays each token as a potential logon method. During log on, Drive Encryption prompts for your Windows credentials only for the first time and Drive Encryption stores the Windows credentials securely. On subsequent logon events, Drive Encryption retrieves the stored Windows credentials to log on.