User's Manuals
  Brands Categories News Search About Translate by Google
  
   

Table of Content

Shortcuts
Phone
Messages
Attachments
Camera and video camera
Media
Browser
Date, time, and alarm
Personal organizer
Notifications
Typing
Language
Display and keyboard
Search
Synchronization
Bluetooth technology
GPS technology
Maps
BlackBerry Messenger
Applications
Wireless network coverage
Power, battery, and memory
SIM card
Security
BrickBreaker
Word Mole game
 

BlackBerry Storm Smartphone

Security

Security basics

About the device password

If you type your BlackBerry device password incorrectly, you might be prompted to type blackberry before you can continue. When you try to type your password again, the characters that you type appear on the screen.

If you exceed the number of allowed password attempts, your device deletes all your device data for security reasons.

Set a device password

  1. In the device options, click Password.
  2. Set the Password field to Enabled.
  3. Type a password.
  4. Press the Menu key.
  5. Click Save.
To turn off the BlackBerry device password, set the Password field to Disabled.

Change the device password

  1. In the device options, click Password.
  2. Click Change Password.
Lock the device

To perform this task, you must have set a BlackBerry device password.

Press the Lock key on the top of your device.
To unlock your device, press the Lock key again.
Click Unlock.
Type your device password.
Press the Enter key.

Lock the screen

You can lock your screen to avoid clicking the screen accidentally.
Press the Lock key on the top of your device.
To unlock the screen, press the Lock key again. If necessary, type your BlackBerry device password.

Set a limit for device password attempts

  1. In the device options, click Password.
  2. Set the Number of Password Attempts field.
  3. Press the Menu key.
  4. Click Save.

Password keeper

About the password keeper

Use the password keeper to store all your passwords in one place. The password keeper is designed to protect your passwords with a password keeper password. When you type this password, the password keeper decrypts your passwords.

You can also use the password keeper to generate random passwords that contain numbers, letters, and symbols.

Add a password to the password keeper

  1. In the password keeper, press the Menu key.
  2. Click New.
  3. Type the password information.
  4. Press the Menu key.
  5. Click Save.
Generate a random password
  1. In the password keeper, press the Menu key.
  2. Click New.
  3. Press the Menu key.
  4. Click Random Password.
  5. Type the password information.
  6. Press the Menu key.
  7. Click Save.
Set criteria for randomly generated passwords
  1. In the password keeper, press the Menu key.
  2. Click Options.
  3. Set the random password fields.
  4. Press the Menu key.
  5. Click Save.
View a password in the password keeper

In the password keeper, click a password.

Change a password in the password keeper

  1. In the password keeper, highlight a password.
  2. Press the Menu key.
  3. Click Open.
  4. Change the password information.
  5. Press the Menu key.
  6. Click Save.
Hide passwords in the password keeper
  1. In the password keeper, press the Menu key.
  2. Click Options.
  3. Set the Show Password field to No.
  4. Press the Menu key.
  5. Click Save.
To show passwords in the password keeper again, set the Show Password field to Yes.

Turn off the prompt that appears before you delete items

You can turn off the prompt that appears before you delete messages, call logs, contacts, calendar entries, tasks, memos, or passwords.

  1. In an application, press the Menu key.
  2. Click Options.
  3. If necessary, click General Options.
  4. Change the Confirm Delete field to No.
  5. Press the Menu key.
  6. Click Save.
Delete a password from the password keeper
  1. In the password keeper, highlight a password.
  2. Press the Menu key.
  3. Click Delete.
Change the password keeper password
  1. In the password keeper, press the Menu key.
  2. Click Change Password.
Copy a password
  1. In the password keeper, highlight a password.
  2. Press the Menu key.
  3. Click Copy Username or Copy Password.
To clear the clipboard, press the Menu key. Click Clear Clipboard.
Note: Passwords are not encrypted when they are on the clipboard.

Prevent password copying

  1. In the password keeper, press the Menu key.
  2. Click Options.
  3. Set the Allow Clipboard Copy field to No.
  4. Press the Menu key.
  5. Click Save.
Set a limit for password attempts in the password keeper
  1. In the password keeper, press the Menu key.
  2. Click Options.
  3. Set the Password Attempts field.
  4. Press the Menu key.
  5. Click Save.

Encryption

About file encryption

File encryption is designed to protect the data that you store in the BlackBerry device memory and on a media card that can be inserted in your device. You can encrypt the files in the device memory and on your media card using an encryption key that your device generates, a device password, or both.

If you encrypt the files using an encryption key that your device generates, you can only access the files on your media card when the media card is inserted in your device. If you encrypt the files using a device password, you can access the files on your media card in any device that you insert your media card into, as long as you know the password for the device.

Encrypt the files in the device memory and on a media card

  1. In the device options, click Memory.
  2. Perform one of the following actions:
    • To encrypt files using an encryption key that your device generates, change the Encryption Mode field to Device.
    • To encrypt files using a device password, change the Encryption Mode field to Security Password.
    • To encrypt files using an encryption key and a device password, change the Encryption Mode field to Security Password & Device.
  3. Change the Encrypt Media Files field to Yes.
  4. Press the Menu key.
  5. Click Save.
To stop encrypting the files in the device memory and on a media card, change the Encryption Mode field to None.

About content protection

Content protection is designed to encrypt your BlackBerry device data. When content protection is turned on, your device uses a private key to encrypt data as it is stored on the device, including data that your device receives when it is locked. Your device decrypts data as you access it.

You can set content protection to include or exclude your contacts. If you turn on content protection for contacts and you receive a call when the device is locked, the caller name does not appear on the screen.

When you lock your device, an open lock indicator appears in the device status section of the screen to indicate that your device is deleting a copy of the private key from the temporary device memory. A lock indicator appears when the device has deleted the key.

Protect your device data

To perform this task, you must have set a BlackBerry device password.

  1. In the device options, click Security Options.
  2. Click General Settings.
  3. Change the Content Protection field to Enabled.
  4. Press the Menu key.
  5. Click Save.
Set content protection strength

You can set the strength of the encryption that your BlackBerry device uses to protect data that you receive when your device is locked.

  1. In the device options, click Security Options.
  2. Click General Settings.
  3. Set the Strength field.
  4. Press the Menu key.
  5. Click Save.
About encryption keys

If your BlackBerry device is associated with an email account that uses a BlackBerry Enterprise Server or BlackBerry Desktop Redirector, your device is designed to use an encryption key to protect data as it travels between the BlackBerry Enterprise Server or BlackBerry Desktop Redirector and your device.

You should generate a new encryption key every 2 weeks.

Generate an encryption key

  1. In the device options, click Security Options.
  2. Click General Settings.
  3. Click a service.
  4. Click Regenerate Encryption Key.
About content compression

Content compression is designed to reduce the size of your BlackBerry device data while maintaining the integrity of that data. When content compression is turned on, your device compresses all device data, including messages, contacts, calendar entries, tasks, and memos. You should keep content compression turned on.

If content compression and content protection are turned on, your device compresses device data before encrypting it.

Memory cleaning

About memory cleaning

Memory cleaning is designed to delete sensitive data from the temporary memory on your BlackBerry device. Examples of sensitive data include sensitive data in the cache for the key store browser, unencrypted data from email messages, LDAP authentication passwords, and data from certificate and key searches.

When memory cleaning is turned on, the memory cleaning application is designed to delete sensitive data automatically in the following situations:

  • when you insert your device in a holster
  • when you do not use your device for a specified period of time
  • when you synchronize with your computer
  • when you change the time or the time zone for your device
  • when you lock your device
Turn on memory cleaning
  1. In the device options, click Security Options.
  2. Click Memory Cleaning.
  3. Change the Status field to Enabled.
  4. Press the Menu key.
  5. Click Save.
Change when your device deletes sensitive data from the temporary device memory
  1. In the device options, click Security Options.
  2. Click Memory Cleaning.
  3. Perform any of the following actions:
    • To prevent your BlackBerry device from deleting sensitive data when you insert your device in a holster, change the Clean When Holstered field to No.
    • To prevent your device from deleting sensitive data when your device remains idle for a specified period of time, change the Clean When Idle field to No.
    • To change how long your device waits after you stop using it before it deletes sensitive data, change the Idle Timeout field.
  4. Press the Menu key.
  5. Click Save.
Delete sensitive application data from the temporary device memory
  1. In the device options, click Security Options.
  2. Click Memory Cleaning.
  3. In the Registered Cleaners section, click an application.
  4. Perform one of the following actions:
    • To delete sensitive data for the highlighted application, click Clean . Click OK.
    • To delete sensitive data for all applications, click Clean Now.
View the icon for the memory cleaning application on the Home screen
  1. In the device options, click Security Options.
  2. Click Memory Cleaning.
  3. Change the Show Icon on Home Screen field to Yes.
  4. Press the Menu key.
  5. Click Save.

Certificates

Certificate basics Download a certificate from an LDAP certificate server
  1. In the device options, click Security Options.
  2. Click Certificates.
  3. Press the Menu key.
  4. Click Fetch Certificates.
  5. Specify the search criteria.
  6. Press the Menu key.
  7. Click Search.
  8. Click a certificate.
  9. Click Add Certificate to Key Store.
View properties for a certificate
  1. In the device options, click Security Options.
  2. Click Certificates.
  3. Click a certificate.
Certificate properties

Revocation Status:
This field displays the revocation status of the certificate at a specified date and time.

Trust Status:
This field displays the trust status of the certificate chain. A certificate can be explicitly trusted (the certificate itself is trusted), implicitly trusted (the root certificate in the certificate chain is trusted on your BlackBerry device), or not trusted (the certificate is not explicitly trusted and the root certificate in the certificate chain is not trusted or does not exist on your device).

Expiration Date:
This field displays the date that the certificate issuer specified as the expiration date of the certificate.

Certificate Type:
This field displays the certificate format. Your device supports X.509 and WTLS certificate formats.

Public Key Type:
This field displays the standard to which the public key complies. Your device supports RSA, DSA, Diffie-Hellman, and ECC keys.

Subject:
This field displays information about the certificate subject.

Issuer:
This field displays information about the certificate issuer.

Serial Number:
This field displays the certificate serial number in hexadecimal format.

Key Usage:
This field displays approved uses of the public key.

Subject Alt Name:
This field displays an alternate email address for the certificate subject, if an alternate email address is available.

SHA1 Thumbprint:
This field displays the SHA-1 digital thumbprint of the certificate.

MD5 Thumbprint:
This field displays the MD5 digital thumbprint of the certificate.

View one type of certificate in the certificate list

  1. In the device options, click Security Options.
  2. Click Certificates.
  3. Press the Menu key.
  4. Click one of the following menu items:
    • Show My Certs
    • Show Others Certs
    • Show CA Certs
    • Show Root Certs
To view all the certificates on your BlackBerry device, press the Menu key. Click Show All Certs.

Send a certificate

When you send a certificate, your BlackBerry device sends the public key, but does not send the corresponding private key.

  1. In the device options, click Security Options.
  2. Click Certificates.
  3. Highlight a certificate.
  4. Press the Menu key.
  5. Click Send via Email or Send via PIN.
Delete a certificate
  1. In the device options, click Security Options.
  2. Click Certificates.
  3. Highlight a certificate.
  4. Press the Menu key.
  5. Click Delete.
View the certificate chain for a certificate

  1. In the device options, click Security Options.
  2. Click Certificates.
  3. Highlight a certificate.
  4. Press the Menu key.
  5. Click Show Chain.

Certificate status

Check the revocation status of a certificate or certificate chain
  1. In the device options, click Security Options.
  2. Click Certificates.
  3. Highlight a certificate.
  4. Press the Menu key.
  5. Click Fetch Status or Fetch Chain Status.
Change the trust status of a certificate
  1. In the device options, click Security Options.
  2. Click Certificates.
  3. Highlight a certificate.
  4. Press the Menu key.
  5. Click Trust or Distrust.
  6. If necessary, perform one of the following actions:
    • To trust the highlighted certificate, click Selected Certificate.
    • To trust the highlighted certificate and all the other certificates in the chain, click Entire Chain.
Revoke a certificate

If you revoke a certificate, the certificate is revoked only in the key store on your BlackBerry device. Your device does not update the revocation status on the certificate authority or CRL servers.

  1. In the device options, click Security Options.
  2. Click Certificates.
  3. Highlight a certificate.
  4. Press the Menu key.
  5. Click Revoke.
  6. Click Yes.
  7. Change the Reason field.
  8. Click OK.
To cancel a certificate hold, highlight the certificate. Press the Menu key. Click Cancel Hold.

Certificate revocation reasons Unknown:
The revocation reason does not match any of the predefined reasons.

Key Compromise:
A person who is not the key subject might have discovered the private key value.

CA Compromise:
Someone might have revealed the private key of the certificate issuer.

Change in Affiliation:
The certificate subject no longer works for the organization.

Superseded:
A new certificate is replacing an existing certificate.

Cessation of Operation:
The certificate subject no longer requires the certificate.

Certificate Hold:
You want to revoke the certificate temporarily.

Certificate options

Change the display name for a certificate
  1. In the device options, click Security Options.
  2. Click Certificates.
  3. Highlight a certificate.
  4. Press the Menu key.
  5. Click Change Label.
  6. Type a display name for the certificate.
  7. Click OK.
Add an email address to a certificate
  1. In the device options, click Security Options.
  2. Click Certificates.
  3. Highlight a certificate.
  4. Press the Menu key.
  5. Click Associate Addresses.
  6. Press the Menu key.
  7. Click Add Address.
  8. Perform one of the following actions:
    • Click a contact.
    • Click Use Once. Type an email address. Press the Enter key.
  9. Press the Menu key.
  10. Click Save.
Turn off the display name prompt that appears when you add a certificate to the key store
  1. In the device options, click Security Options.
  2. Click Certificates.
  3. Press the Menu key.
  4. Click Fetch Certificates.
  5. Press the Menu key.
  6. Click Options.
  7. Change the Prompt for Label field to No.
  8. Press the Menu key.
  9. Click Save.
When you add a certificate, your BlackBerry device uses the certificate subject as the name for the certificate.

Turn off the fetch status prompt that appears when you add a certificate to the key store

  1. In the device options, click Security Options.
  2. Click Certificates.
  3. Press the Menu key.
  4. Click Fetch Certificates.
  5. Press the Menu key.
  6. Click Options.
  7. Perform one of the following actions:
    • To download the revocation status of a certificate when you add it to the key store, change the Fetch Status field to Yes.
    • To add a certificate to the key store without downloading the revocation status, change the Fetch Status field to No.
  8. Press the Menu key.
  9. Click Save.

PGP keys

PGP key basics

Download a PGP key from an LDAP certificate server

If you use the PGP Universal Server, you might not be able to download PGP keys from an LDAP certificate server.

  1. In the device options, click Security Options.
  2. Click PGP keys.
  3. Press the Menu key.
  4. Click Fetch PGP Keys.
  5. Specify the search criteria.
  6. Press the Menu key.
  7. Click Search.
  8. Click a PGP key.
  9. Click Add PGP Key to Key Store.
Download a personal PGP key from the PGP Universal Server
  1. In the device options, click Security Options.
  2. Click PGP.
  3. Press the Menu key.
  4. Click Download Keys.
Download an updated PGP key from an LDAP certificate server
  • In the device options, click Security Options.
  • Click PGP keys.
  • Highlight a PGP key.
  • Press the Menu key.
  • Click Fetch Updated PGP Key.
View properties for a PGP key
  1. In the device options, click Security Options.
  2. Click PGP keys.
  3. Click a PGP key.
  4. Click View Subkey.
PGP key properties Revocation Status:
This field displays the revocation status of the PGP key at a specified date and time.

Trust Status:
This field displays the trust status of the PGP key. A PGP key can be explicitly trusted (the PGP key itself is trusted), implicitly trusted (the PGP key is associated with a private key on your BlackBerry device), or not trusted (the PGP key is not explicitly trusted and is not associated with a trusted PGP key on your device, and a chain of digital signatures to a trusted key does not exist).

Creation Date:
This field displays the date that the PGP Universal Server generated the PGP key.

Expiration Date:
This field displays the date that the PGP Universal Server specified as the expiration date of the PGP key.

Email Address:
This field displays the email address that is associated with the PGP key. Multiple Email Address fields might appear.

Public Key Type:
This field displays the standard to which the public key complies. Your device supports RSA, DSA, and Diffie-Hellman keys.

Key Usage:
This field displays approved uses of the PGP key.

Fingerprint:
This field displays the PGP key fingerprint in hexadecimal format.

Send a PGP key

When you send a PGP key, your BlackBerry device sends the public key, but does not send the corresponding private key.

  1. In the device options, click Security Options.
  2. Click PGP Keys.
  3. Highlight a PGP key.
  4. Press the Menu key.
  5. Click Send via Email or Send via PIN.
Delete a PGP key
  1. In the device options, click Security Options.
  2. Click PGP Keys.
  3. Highlight a PGP key.
  4. Press the Menu key.
  5. Click Delete.
Clear the PGP data cache

The PGP data cache contains cached PGP public keys and the PGP Universal Server policy that your BlackBerry device downloads from the PGP Universal Server.

  1. In the device options, click Security Options.
  2. Click PGP.
  3. Press the Menu key.
  4. Click Clear Universal Cache.
The next time that you send a PGP protected message, your device downloads an updated PGP Universal Server policy and updated PGP public keys from the PGP Universal Server. Check the revocation status of a PGP key
  1. In the device options, click Security Options.
  2. Click PGP Keys.
  3. Highlight a PGP key.
  4. Press the Menu key.
  5. Click Fetch Status.
Change the trust status of a PGP key
  • In the device options, click Security Options.
  • Click PGP Keys.
  • Highlight a PGP key.
  • Press the Menu key.
  • Click Trust or Distrust.
Revoke a PGP key

If you revoke a PGP key, the PGP key is revoked only in the key store on your BlackBerry device. Your device does not update the revocation status on the PGP Universal Server.

  • In the device options, click Security Options.
  • Click PGP Keys.
  • Highlight a PGP key.
  • Press the Menu key.
  • Click Revoke.
  • Click Yes.
  • Change the Reason field.
  • Click OK.
PGP key revocation reasons Unknown:
The revocation reason does not match any of the predefined reasons.

Superseded:
A new PGP key is replacing an existing PGP key.

Key Compromise:
A person who is not the key subject might have discovered the private key value.

Key Retired:
The PGP key is no longer used.

User ID Invalid:
The user information for the PGP key is not valid.

PGP key options

Change the display name for a PGP key
  1. In the device options, click Security Options.
  2. Click PGP keys.
  3. Highlight a PGP key.
  4. Press the Menu key.
  5. Click Change Label.
  6. Type a display name for the PGP key.
  7. Click OK.
Turn off the display name prompt that appears when you add a PGP key to the key store
  1. In the device options, click Security Options.
  2. Click PGP keys.
  3. Press the Menu key.
  4. Click Fetch PGP Keys.
  5. Press the Menu key.
  6. Click Options.
  7. Change the Prompt for Label field to No.
  8. Press the Menu key.
  9. Click Save.
When you add a PGP key, your BlackBerry device uses the name that the PGP Universal Server set for the key when it generated the key.

Turn off the fetch status prompt that appears when you add a PGP key to the key store

  • In the device options, click Security Options.
  • Click PGP Keys.
  • Press the Menu key.
  • Click Fetch PGP Keys.
  • Press the Menu key.
  • Click Options.
  • Perform one of the following actions:
  • To download the revocation status of a PGP key when you add it to the key store, change the Fetch Status field to Yes.
  • To add a PGP key to the key store without downloading the revocation status, change the Fetch Status field to No.
  • Press the Menu key.
  • Click Save.

    PGP key troubleshooting

    I cannot download a PGP key from an LDAP certificate server

    Try performing the following actions:

    • Verify that your organization permits you to download PGP keys from an LDAP certificate server. For more information, contact your administrator.
    • If you changed the connection type that your BlackBerry device uses to connect to an LDAP certificate server, try using the default connection type.

    Certificate servers

    Add a certificate server
    1. In the device options, click Security Options.
    2. Click Certificate Servers.
    3. Press the Menu key.
    4. Click New Server.
    5. Specify information for the certificate server.
    6. Press the Menu key.
    7. Click Save.
    Change connection information for a certificate server
    1. In the device options, click Security Options.
    2. Click Certificate Servers.
    3. Highlight a certificate server.
    4. Press the Menu key.
    5. Click Edit.
    6. Change connection information for the certificate server.
    7. Press the Menu key.
    8. Click Save.
    Connection options for LDAP certificate servers Friendly Name:
    Type a display name for the certificate server.

    Server Name:
    Type the network address of the certificate server.

    Base Query:
    Type the base query information for the certificate server using X.509 certificate syntax (for example, o=test.rim.net).

    Port:
    Type the port number for your organization’s network. The default port number is 38

  • Authentication Type:
    Specify whether you must log in to the certificate server.

    Connection Type:
    Specify whether your BlackBerry device uses an SSL connection or a TLS connection to connect to the certificate server.

    Connection options for OCSP and CRL servers

    Friendly Name:
    Type a display name for the certificate server.

    Server URL:
    Type the web address of the certificate server.

    Send connection information for a certificate server

    1. In the device options, click Security Options.
    2. Click Certificate Servers.
    3. Highlight a certificate server.
    4. Press the Menu key.
    5. Click Email Server or PIN Server.
    Delete a certificate server
    1. In the device options, click Security Options.
    2. Click Certificate Servers.
    3. Highlight a certificate server.
    4. Press the Menu key.
    5. Click Delete.

    Key stores

    About the key store

    The key store on your BlackBerry device might store the following items. To access these items in the key store, you must type a key store password.

    • personal certificates (certificate and private key pairs)
    • certificates that you download using the certificate synchronization tool of the BlackBerry Desktop Manager
    • certificates that you download from an LDAP certificate server
    • certificates that you add from a message
    • personal PGP keys (public and private key pairs)
    • PGP public keys that you download from an LDAP certificate server
    • PGP public keys that you add from a message
    • root certificates that are included in the BlackBerry Desktop Software
    Change the key store password
    1. In the device options, click Security Options.
    2. Click Key Stores.
    3. Press the Menu key.
    4. Click Change Password.
    Synchronize the key store password with the device password

    If you synchronize the key store password with the device password, when you change the device password, the key store password changes to match it automatically.

    1. In the device options, click Security Options.
    2. Click Key Stores.
    3. Change the Synchronize Key Store Password to Device Password field to Yes.
    4. Press the Menu key.
    5. Click Save.
    Change when your device deletes the key store password
    1. In the device options, click Security Options.
    2. Click Key Stores.
    3. Change the Private Key Password Timeout field.
    4. Press the Menu key.
    5. Click Save.
    To access private keys after your BlackBerry device deletes the key store password, you must type your key store password.

    Add contacts to your contact list automatically when you add items to the key store

    1. In the device options, click Security Options.
    2. Click Key Stores.
    3. Change the Key Store Address Injector field to Enabled.
    4. Press the Menu key.
    5. Click Save.
    Change the service that your device uses to download certificates

    Depending on your organization, you might not be able to change the service that you use to download certificates. For more information, contact your administrator.

    1. In the device options, click Security Options.
    2. Click Key Stores.
    3. Change the Certificate Service field.
    4. Press the Menu key.
    5. Click Save.
    Turn off automatic backup of key store data

    By default, items in the key store on your BlackBerry device are backed up or restored when you back up or restore your device data. If you do not want to back up your private key to or restore your private key from your computer for security reasons, you can turn off automatic backup and restore of key store data.

    1. In the device options, click Security Options.
    2. Click Key Stores.
    3. Change the Allow Key Store Backup/Restore field to No.
    4. Press the Menu key.
    5. Click Save.
    To turn on automatic backup of key store data, change the Allow Key Store Backup/Restore field to Yes.

    Change the refresh rate for certificate revocation lists

    1. In the device options, click Security Options.
    2. Click Key Stores.
    3. Change the Certificate Status Expires After field.
    4. Press the Menu key.
    5. Click Save.
    Your BlackBerry device downloads a new revocation status automatically when your device uses a key store item with a status that is older than the time limit that you set.

    Reject certificate revocation lists from unverified CRL servers

    1. In the device options, click Security Options.
    2. Click Key Stores.
    3. Change the Accept Unverified CRLs field to No.
    4. Press the Menu key.
    5. Click Save.
    Your BlackBerry device rejects certificate revocation lists from CRL servers that the BlackBerry MDS Connection Service cannot verify.

    Smart cards

    About using a smart card with your device

    Smart cards store certificates and private keys. You can use a smart card reader to import certificates from a smart card to the key store on your BlackBerry device, but you cannot import private keys. As a result, private key operations such as signing and decryption use the smart card, and public key operations such as verification and encryption use the public certificates on your device.

    If you use a smart card certificate to authenticate to your device, after you connect your smart card reader to your device, your device requests authentication from the smart card each time that you unlock your device.

    If the S/MIME Support Package for BlackBerry devices is installed on your device, you can use smart card certificates to send S/MIME- protected messages.

    About two-factor authentication

    Two-factor authentication, which requires an item that you have (for example, a smart card) and an item that you know (for example, a pass phrase), is designed to provide additional security for your BlackBerry device. You can use a smart card for two-factor authentication when you log in to your device, or you can use a software token for two-factor authentication when you use your device with RSA software as a hardware token.

    If you use two-factor authentication, you must type your pass phrase when you

    • unlock your device
    • change a general security option on your device
    • change a smart card option
    • use your device with RSA software
    Turn on two-factor authentication

    You must have set a BlackBerry device password and have the smart card password that you received with your smart card.

    1. In the device options, click Password.
    2. Change the User Authenticator field to Smart Card.
    3. Press the Menu key.
    4. Click Save.
    5. Complete the instructions on the screen.
    Import a certificate from a smart card
    1. In the device options, click Security Options.
    2. Click Certificates.
    3. Press the Menu key.
    4. Click Import Smart Card Certs.
    5. Type your smart card password.
    6. Select the check box beside a certificate.
    7. Click OK.
    8. Type your key store password.
    9. Click OK.
    Lock your device when you remove your smart card from your smart card reader
    1. In the device options, click Security Options.
    2. Click Smart Card.
    3. Change the Lock On Card Removal field to Enabled.
    4. Press the Menu key.
    5. Click Save.
    About smart password entry

    If you use two-factor authentication and your BlackBerry device password or smart card password is numeric, you might be able to use smart password entry in some password fields. When smart password entry is turned on, your device is designed to remember the format of a password that you type in a password field. When you type the password again, your device applies a smart password filter to the password field. If the password is numeric, a 123 indicator appears beside the password field. If the password is alphanumeric, an ABC indicator appears beside the password field.

    To use smart password entry, two-factor authentication must be turned on and the correct smart card driver and smart card reader must be installed on your device.

    Turn off smart password entry

    You can turn off smart password entry to reduce the chance that someone might guess your BlackBerry device password or smart card password based on the smart password filter that your device applies to password fields.

    1. In the device options, click Security Options.
    2. Click General Settings.
    3. Set the Smart Password Entry field to Disabled.
    4. Press the Menu key.
    5. Click Save.
    To turn on smart password entry again, set the Smart Password Entry field to Enabled.

    Switch smart password filters

    In a blank password field, press the Enter key.
    The indicator for the new smart password filter appears beside the password field.
    Prerequisites: Using authentication certificates

    • Your BlackBerry device must have the correct smart card driver and smart card reader driver installed.
    • You must have imported a certificate from your smart card that you can use for signing and verification.
    • You must turn on two-factor authentication.
    • You must have set a device password.
    • You must have the smart card password that you received with your smart card.
    Use a certificate to authenticate your smart card

    If you use a certificate to authenticate your smart card, the certificate authenticates your smart card whenever you use your smart card to unlock your BlackBerry device.

    1. In the device options, click Security Options.
    2. Click General Settings.
    3. Set the Authentication Certificate field.
    4. Press the Menu key.
    5. Click Save.
    To stop using a certificate to authenticate your smart card, set the Authentication Certificate field to None.

    Check the status of your authentication certificate automatically

    1. In the device options, click Security Options.
    2. Click General Settings.
    3. Change the Certificate Status Check field.
    4. Press the Menu key.
    5. Click Save.
    If your BlackBerry device checks the status of your authentication certificate and finds that it is revoked or expired, your device locks.

    Store the pass phrase for your smart card in the application memory

    1. In the device options, click Security Options.
    2. Click Smart Card.
    3. Change the PIN Caching field to Enabled.
    4. Press the Menu key.
    5. Click Save.
    Your BlackBerry device stores the pass phrase for the same length of time as it stores your key store password.

    Turn off notification for smart card connections

    1. In the device options, click Security Options.
    2. Click Smart Card.
    3. Change the LED Session Indicator field to Disabled.
    4. Press the Menu key.
    5. Click Save.
    To turn on notification for smart card connections, change the LED Session Indicator field to Enabled.

    Software tokens

    About software tokens

    You might need a software token to log in to a VPN. A software token includes a token code that your BlackBerry device regenerates periodically and a PIN. For more information about software tokens, contact your administrator.

    Change the PIN for a software token on your device

    1. In the device options, click Security Options.
    2. Click Software Tokens.
    3. Click a software token.
    4. Click Specify PIN.
    About security self-tests

    Security self-tests are designed to verify that security software is implemented correctly on your BlackBerry device. The tests should run automatically when your device restarts.

    Verify security software

    1. In the device options, click Security Options.
    2. Click General Settings.
    3. Press the Menu key.
    4. Click Verify Security Software.

    Third-party application control

    About permissions for third-party applications

    You can set permissions that control how third-party applications on your BlackBerry device interact with the other applications on your device. For example, you can control whether third-party applications can access data or the Internet, make calls, or use Bluetooth connections.

    If you have added third-party applications to your device, the device firewall is designed to prevent these applications from sending or receiving data without your knowledge. Before a third-party application sends or receives data, a dialog box prompts you to accept or deny the connection request. If you turn off the prompt, you can reset the firewall options to receive the connection prompt again.

    Reset connection permissions for third-party applications

    1. In the device options, click Security Options.
    2. Click Firewall.
    3. Press the Menu key.
    4. Click Reset Settings.
    About direct Internet connections for third-party applications

    Some third-party applications that you add to your BlackBerry device might require a direct TCP or HTTP connection to the Internet. For example, a stock price application might need to connect to the Internet to retrieve the latest stock prices. You might have to set the APN that the third-party application uses for this connection.

    Set up a direct Internet connection for a third-party application

    To obtain the user name and password for the APN, contact your wireless service provider.

    1. In the device options, click Advanced Options.
    2. Click TCP.
    3. Type the APN information.
    4. Press the Menu key.
    5. Click Save.
    Turn on safe mode

    When you start your BlackBerry device, you can turn on safe mode to prevent third-party applications from running automatically. This safe mode enables you to troubleshoot or remove any unwanted applications.

    1. Remove and reinsert the battery.
    2. When the red LED light goes out, press and hold the Escape key as the device is loading.
    3. When the dialog appears, click OK.
    When safe mode is on, a safe mode indicator appears in the device status section of the Home screen. To turn off safe mode, repeat step

  • Set permissions for a third-party application

    Note: Changing permissions for third-party applications can significantly affect the operation of applications on your BlackBerry device.
    For more information about how changing these permissions might affect the operation of the applications on your device, contact your wireless service provider or administrator.

    1. In the device options, click Advanced Options.
    2. Click Applications.
    3. Highlight a third-party application.
    4. Press the Menu key.
    5. Perform one of the following actions:
      • To set permissions for the highlighted third-party application, click Edit Permissions.
      • To set permissions for all third-party applications, click Edit Default Permissions.
    6. Expand Connections, Interactions, or User Data.
    7. Change the permission fields.
    8. Press the Menu key.
    9. Click Save.
    Connection permissions for third-party applications

    USB:
    Set whether third-party applications can use physical connections, such as a USB cable or RS-232 cable, that you have set up for your BlackBerry device.

    Bluetooth:
    Set whether third-party applications can use Bluetooth connections.

    Phone:
    Set whether third-party applications can make calls or access call logs.

    Location Data:
    Set whether third-party applications can use your GPS location information.

    Server Network:
    Set whether third-party applications can access the Internet or your organization's intranet using your organization's network.

    Internet:
    Set whether third-party applications can access the Internet through your wireless service provider (for example, using a direct Internet connection or a WAP gateway).

    Interaction permissions for third-party applications

    Cross Application Communication:
    Specify whether third-party applications can communicate and share data with other applications on your BlackBerry device.

    Device Settings:
    Specify whether third-party applications can turn on or turn off your device or change device options, such as display options.

    Media:
    Specify whether third-party applications can access media files on your device.

    Application Management:
    Specify whether third-party applications can add or delete application modules or access module information such as an application name or version.

    Themes:
    Specify whether your device can use third-party applications as a source for customized themes.

    Input Simulation:
    Specify whether third-party applications can simulate actions, such as pressing a key on your device.

    Browser Filtering:
    Specify whether third-party applications can register browser filters with the browser on your device to add, change, or delete web site content before it appears in your browser.

    Screen Capturing:
    Specify whether third-party applications can take screen shots of the device screen.

    Security Timer Reset:
    Specify whether third-party applications can reset the duration that your device remains unlocked after you stop using it.

    Data permissions for third-party applications

    Email:
    Set whether third-party applications can access email messages, SMS text messages, MMS messages, or PIN messages on your BlackBerry device.

    Organizer Data:
    Set whether third-party applications can access organizer data such as contacts, calendar entries, tasks, or memos.

    Files:
    Set whether third-party applications can access files that you store on your device. For example, you can set whether third-party applications can access files that you transfer to your device using the media manager tool of the BlackBerry Desktop Manager or Bluetooth technology.

    Security Data:
    Set whether third-party applications can access certificates or keys in the key store on your device.

    Security troubleshooting

    I cannot download a certificate

    If you changed the connection type that your BlackBerry device uses to connect to the LDAP certificate server, try switching to the default connection type. I cannot unlock my device using my smart card

    Try performing the following actions:

    • Verify that the correct smart card is inserted in the smart card reader.
    • Verify that the smart card is inserted in the smart card reader correctly.
    • Verify that you typed the smart card password correctly. You should have received this password when you received your smart card.
    • If you use a certificate to authenticate your smart card, verify that the certificate is not revoked or expired.
    My device prompts me to make an emergency call when I type a password

    If your BlackBerry device password contains a combination of letters that corresponds to an emergency access number, your devicg might prompt you to make an emergency call when you type your device password.
    To continue typing your device password, press the Escape key.

    		•  
       
      Compiled by Free Tech Secrets ;), 2008 greatis just4fun network