dbd_login_token

exec master..dbd_login_token @module sysname, @slot int, @pin sysname, @save bit

This procedure logs in to the token on the slot with a user PIN. If login was successful and @save set to 1, login information is saved in the registry for automatic login in the future. The PIN is saved in encrypted form. Login is global and affects all user sessions. Once logged, all connections get access to the token. If @save is set to 0, SQL Server logs out from the token after restart.

PIN info is saved in the Windows user's registry. Two instances of SQL Server running under different Windows accounts will not be able to use each other's PINs. Two instances of SQL Server running under the same Windows account will be able to use each other's PINs.

Login is not always required by the token. Some tokens and it's keys may be configured to allow encryption without a login. DbDefence doesn't provide functions for key generation and token configuration.

To logout, use dbd_logout_token

To list token keys, use dbd_list_token_keys