Smartcard EFS key prompt before logon
I am using a smartcard to store the default EFS key used to encrypt files on my stand-alone Windows 7 Ultimate x64 machine.
Since I have also encrypted the %temp% directory (that is, the "C:\Users\<Username>\AppData\Local\Temp" directory), it happens that some applications fail to start at logon because, I suppose, they cannot encrypt new temp files they are creating in the %temp% directory or they can't access already existing files in the %temp% directory because the derived EFS smart card key is not yet present in memory. (The situation is different if you have your default EFS key stored on the local PC, since, as soon as you insert your logon password, the password-derived key can decrypt the DPAPI master key that can decrypt the EFS private key.)
Is there a way to make the derived EFS smartcard key available for applications requesting it as soon as I log on, that is, without waiting for me to insert the smartcard PIN only after I have logged in, for example by requesting the PIN from me at logon together with the logon password?
Thanks a lot
Michele
January 1st, 2011 6:31am
I performed a clean install of Windows 7 and now I have no more errors; that is, I am correctly prompted to insert the smartcard PIN as soon as I perform the logon, and the applications that crashed in my previous Windows 7 installation now correctly wait for me to insert the smartcard PIN before starting. I think that the tests I performed in my previous Windows 7 installation (that is, enabling smartcard key derivation, disabling smartcard key derivation, enabling the policy to require smartcard for EFS, disabling the policy to require smartcard for EFS, changing the EFS key used to encrypt EFS files) created some error in the EFS management system and some applications crashed consequently.
Michele
January 6th, 2011 6:13am