How to disable pin caching for digital signatures?

Forum|Forum|6 years ago
June 3, 2019
2 replies
3564 views

Hi,

I have stored a digital certificate for digital signing of pdf files on a USB token (Yubikey 5). Usually the key is configured so that it always requires entering the PIN when a document is signed (verified e.g. with the Foxit PDF Reader). However, Adobe Reader DC requests the PIN only for the first document and not if additional documents are signed without restarting the Reader.

Is there any configuration option in the Adobe Reader to configure this behaviour and to enforce an ALWAYS_ENTER_PIN policy?

We contacted also the support of the USB token manufacturer and they also think that it is a special behaviour of the Adobe Reader.

Thanks

Thorsten

This topic has been closed for replies.

T

ttwellmannAuthor

New Participant

This registry setting has no impact on Adobe Reader DC (independently from the key storage windows certificate store or Yubikey). The reader caches the PIN and the user is not required to reenter the PIN before signing a document, even when the security level was set to high during import of the pfx file