Silo supports access to websites requiring the use of Smart Cards such as the Common Access Card (CAC) and Personal Identity Verification (PIV) cards for authentication. A Smart Card has an embedded chip, along with a secret personal identification number code (PIN), which securely identifies the card holder.
The CAC is the secure identification card issued by the Department of Defense (DOD) to all military personnel (i.e. active duty and retired personnel). CAC allows for computer and other electronic access by satisfying two-factor authentication, digital security, and data encryption requirements. It leverages DOD certificates to verify a card holder's identity prior to allowing access to protected resources.
The PIV credential is a US Federal government wide credential used to access Federally controlled facilities and information systems at the appropriate security level. PIV credentials have certificates and key pairs, pin numbers, bio metrics like fingerprints and pictures, and other unique identifiers.
Update: Improved CAC support for Dual Persona users - Windows 2.9.13 client can now be used with CAC that have two credential certificates. This functionality is not available on other clients at this time.
The following prerequisites must be met in order to use the Smart Card functionality:
- Silo must be installed on a Windows machine.
- The device being used must have a connected and properly configured smart card reader.
- When connected to your computer, the Smart Card reader will have a Red or Amber LED illuminated light that indicates a proper connection.
- If you do not see a Red or Amber LED light, try to connect to a different USB port or another computer. If the LED light still does not display, contact your local support.
- Insert the smart card into the reader, if the light changes to Green the card has been read and validated. If it does not change to a green light, contact your local support.
- Log into the Silo application. After launching the Silo browser, a pop-up prompt will appear. Enter your Master Password. Click OK.
When you access a website that needs your smart card, you will be prompted to select an authentication certificate. If you receive a Warning or "Access Denied" message, you will need to log out of Silo and log back in to Silo to refresh the cache.
- Silo Smart Card functionality does not allow you to sign or encrypt emails
- Silo Smart Card functionality is not available on the Macintosh, Ubuntu, iPad or web-based versions
- Session Resume functionality is not available when using the Silo Smart Card
- For additional information about CAC please go to https://www.cac.mil/