Does Bitlocker support single sign-on? In our environment (WinXP) a smartcard is required to login. We have an older disk encryption solution "SafeBoot" but are replacing it with another solution with a move to Windows 7 Enterprise and the Gemalto .NET smartcard. A contractor has recommended McAfee Endpoint Encryption however in-house tests discovered the McAfee product doesn't support single sign-on with a smart card on Windows 7. That is, a user is prompted for their smartcard PIN twice. Once for disk encryption and once to login to Windows. This limitation has been confirmed by McAfee. Our current implementation of disk encryption has the authentication integrated so the user is not prompted twice which makes us wonder if the McAfee product is right for us. Does bitlocker support single signon?

BitLocker has no relation with the logged on user for decryption. Encryption is system wide and can be unlocked with a system PIN, a system USB or just the TPM in the system. The only user integration I have ever seen is an internal MS development that tracked the number of failed logons to remove the key material from the TPM. Short answer: no BitLocker does not have a single signon option in Windows 7.Ray - Author of Windows 7 for XP Professionals

BitLocker has no relation with the logged on user for decryption. Encryption is system wide and can be unlocked with a system PIN, a system USB or just the TPM in the system. The only user integration I have ever seen is an internal MS development that tracked the number of failed logons to remove the key material from the TPM. Short answer: no BitLocker does not have a single signon option in Windows 7.Ray - Author of Windows 7 for XP Professionals