cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

How to disable pin caching for digital signatures?

ttwellmann
New Here ,
Jun 03, 2019 Jun 03, 2019

Copy link to clipboard

Copied

Hi,

I have stored a digital certificate for digital signing of pdf files on a USB token (Yubikey 5). Usually the key is configured so that it always requires entering the PIN when a document is signed (verified e.g. with the Foxit PDF Reader). However, Adobe Reader DC requests the PIN only for the first document and not if additional documents are signed without restarting the Reader.

Is there any configuration option in the Adobe Reader to configure this behaviour and to enforce an ALWAYS_ENTER_PIN policy?

We contacted also the support of the USB token manufacturer and they also think that it is a special behaviour of the Adobe Reader.

Thanks

Thorsten 

Views

3.0K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 6 Replies 6
latest latest Jump to latest reply
Anoop9178 Adobe Employee
Adobe Employee ,
Jun 03, 2019 Jun 03, 2019

Copy link to clipboard

Copied

Hi Thorsten,

Please try adding the following Registry Key and check the behaviour:

Path: HKLM\SOFTWARE\WOW6432Node\Policies\Adobe\(product name)\(version)\FeatureLockdown\cSecurity\cPPKLite

Key Name (DWORD): bAllowPasswordSaving

Value: 0

More information on the Registry Key at https://www.adobe.com/devnet-docs/acrobatetk/tools/PrefRef/Windows/Security.html#idkeyname_1_16100

Regards,

Anoop

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
ttwellmann
New Here ,
Jun 03, 2019 Jun 03, 2019

Copy link to clipboard

Copied

In Response To Anoop9178

This did not change the behaviour...

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
ttwellmann
New Here ,
Jun 03, 2019 Jun 03, 2019

Copy link to clipboard

Copied

In Response To Anoop9178

Are you sure that this feature is available in Adobe Reader DC? I found some user documentation for the Acrobat XI: Use digital IDs in Adobe Acrobat  under "Change the password and timeout for a digital ID" but nothing comparable for the Reader DC?

Thanks for your support!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
ttwellmann
New Here ,
Jun 03, 2019 Jun 03, 2019

Copy link to clipboard

Copied

In Response To ttwellmann

I found the same configuration options as described in the user documentation linked above also for Adobe Reader DC. But you can configure this only for certificates and keys stored in pfx files. I have no clue why the registry modifications have no impact on my Yubikey....

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
ttwellmann
New Here ,
Jun 26, 2019 Jun 26, 2019

Copy link to clipboard

Copied

This registry setting has no impact on Adobe Reader DC (independently from the key storage windows certificate store or Yubikey). The reader caches the PIN and the user is not required to reenter the PIN before signing a document, even when the security level was set to high during import of the pfx file

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
SERGIO D5ED5
New Here ,
Aug 20, 2021 Aug 20, 2021

Copy link to clipboard

Copied

LATEST
In Response To ttwellmann

I have the same issue. Any idea?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
About Acrobat Reader
About Acrobat Reader
Reader Help
Acrobat Reader Help
FAQs
Download Offline installer
Extract .msi installer
About Reader Customization
Copyright © 2024 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices