You can define a security policy to limit the mechanisms available to a user, or to force the use of a specific mechanism. See Configuring a Security Mechanism Policy. If a user logs on with a mechanism that violates applicable security policy, the logon fails.