PIV Login for Macs
As of November 1, 2015, all Mac users at NIH are required to log in with a smart card.
The smart card reader provides the physical connection between the smart card's computer chip and your computer. The middleware is the communications link (e.g., translator) between applications on your computer and the specialized computer code located on the smart card chip. Smart Card Middleware is Required. The U.S.-engineered PKard for Mac meets the needs of U.S. DoD and federal Mac users for simple and straightforward two-factor authenticated (2FA) Common Access Card (CAC), CAC Dual Persona, Personal Identification Verification (PIV), and PIV-I smart card access to secure websites and web VPN. Phone and email technical support is included. Getting the PIV card to work on 10.10 Yosemite. Verify your reader works Attach your reader, use the OS X “About this Mac” - “System Report” function to verify that your computer and OS actually see and recognize a smart card device: Buy and install the PKard software. Launch OS X Keychain Assistant. Sep 10, 2015 Need Assistance? Search the NIH IT Knowledge Base for tutorials, instruction sheets and user guides or refer to the appropriate How-To Guide. For questions or user support, please contact the NIH IT Service Desk. If you have a Mac OSX or Linux based computer, you probably don’t have a card reader built in. Find a card reader option that you like and let’s move on to Middleware. Middleware For PIV credentials, middleware refers to the computer software or drivers which allow the computer to interact with the PIV credentials to support authentication.
What is PIV Login for Macs?
PIV Login for Macs is an ongoing initiative to implement the federally mandated smart card login requirement on Apple Macintosh computers at NIH. Once the initiative is complete, Mac users will be required to log into their computers using a HHS ID smart card, such as a Personal Identity Verification (PIV) card, Restricted Local Access (RLA) badge, or an Alternate Logon Token (ALT card).
Smart card login will be enacted through a custom-developed software plugin (NIHAuthPlugin). The process for installing the plugin will be conducted in a staggered manner by IC Smart card login will be enacted through a custom-developed software plugin (NIHAuthPlugin). The process for installing the plugin will be conducted in a staggered manner by IC. Smart card login is already required for Windows computers at NIH.
For information on policy requirements for PIV Login view Smart Card Policies.
How to Log Into a Mac With a Smart Card
For instructions on logging into a Mac with a smart card view How to log into your Mac with your PIV Card.
Impact on FileVault and Keychain Passwords
Once PIV login for Macs is enabled, it will impact the passwords for the Mac applications FileVault and Keychain. The following sections describe the impact and provide links to additional instructions.
FileVault Password Update if you change your NIH password while your computer is NOT connected to the NIH network, FileVault will continue to use your old password until it is updated. For instructions on updating your FileVault password, view How to Update the FileVault Password.
Note: If you become locked out of FileVault, contact your IC’s local IT support group for assistance.
Keychain Password Update the first time you log into your Mac using a PIV, you will be prompted to update your Keychain password. Update the Keychain password using the PIN associated with your PIV. For instructions, view Update Your Keychain Password.
Note: Mac users should always log into their computers using a PIV and PIN. PIV login provides better security and avoids having to reset the Keychain password repeatedly.
Additionally, if you log into your Mac differently than the previous login — For example: using your NIH username and password to login after previously using your PIV card — a dialog box will appear indicating the system was unable to unlock your login Keychain. The dialog box will also provide options for updating the login Keychain. For information about updating the login Keychain, view How to update your Keychain Password during login or How to update or re-create Mac OS Keychain password.
Note: For assistance updating the Keychain login on your Mac, contact the NIH IT Service Desk for help. Once PIV login is enforced (and users can only log in with their PIV cards), this Keychain unlock issue will no longer occur.
Piv Card Reader Software
Information and Assistance
Sd Card Reader For Mac
See the PIV Mac Frequently Asked Questions (FAQ)
For additional information, search the NIH IT Knowledge Base for tutorials, instruction sheets and user guides or refer to the appropriate How-To Guide.
Business Card Reader For Mac
For questions or user support, please contact the NIH IT Service Desk.