We have this turned on for users to opt in. If users don't want to opt-in they can click on the "Finish" after the first pre-boot authentication and the prompt to register the device will not be presented again (on future pre-boot authentications), so it's a one-time hassle and not a big one...
If users click on "skip", then they will be prompted to register their device each time they authenticate at pre-boot.
You can actually set different policies (with and without companion device allowed) and tag systems to apply the different policies, but it seems to me like a lot of effort for one-time one extra click by the users. I don't think there's a way to tell how many users at my organization are actually using this method, but I assume it's not 100% as well.
Hope that helps...
Great. Thanks for the info.
I am planning on turning it on for everyone in our organization as this is the most common help desk call we have. Very forgetful users, especially after Xmas.
You should be able to filter on the logs to see the enrollment event, but i think thats as far as the reporting for this goes at the moment.
You also have the User Recovery Event (Event ID 30080), Page 104: https://kb.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/ 24000/PD24867/en_US/de_710_product_guide_en-us.pdf
This will help you at a very high level to measure the value of turning on this feature.
Thanks Naveen, this is what I was looking for... This one and event 30081 together can tell how many users registered and how often they use it, compared it to standard password recovery with the support center.