FRP key authentication: Encryption key access User assigned keys can be associated with OS tokens, FRP password tokens, smart card tokens, or any combination of the three token types. OS authentication Keys associated with OS authentication are available for users who have successfully logged on to Windows client as a domain user. Note: McAfee ePO administrator has the flexibility to mandate that the user authenticates using the Active Directory user name and password for the first time the OS token is used on a given Windows system. This can be configured from the OS Token tab of the Authentication policy. Customers upgrading from FRP 4.3 are advised to enable the Windows logon unlock trigger to preserve end user experience. This can be configured on the Encryption Key Options tab of the Authentication policy. FRP Password authentication Keys associated with Password authentication are available for users who authenticate with proprietary FRP password credentials. Smart card authentication Keys associated with smart card authentication are available to users based on authentication with a smart card token. See KB89888 for more information about smart card tokens.