
How to authenticate to all disks at BootGuard (Symantec Encryption Desktop) 

Nov 23, 2015 05:04 AM

When an additional disk is attached to a machine and encrypted with Symantec Encryption Desktop (SED), SED might ask for additional authentication after you log in to the system.

The User's Guide says that authenticating to all disks at startup is possible, but does not explain how to do it (https://support.symantec.com/en_US/article.DOC7060.html):

If a secondary fixed disk or partition is protected using Symantec Drive Encryption, you can authenticate at startup so that you don’t have to authenticate later when you need to use files on the secondary disk or partition. Because the files on the secondary (non-boot) disk or partition are not required for startup, you are not required to authenticate at startup. If you do not authenticate at startup, you are asked to authenticate later, when you try to use the files on the secondary disk or partition.

(...)

On the PGP BootGuard log-in screen you can:

  • Authenticate an encrypted boot or secondary disk or partition on the system.

 

The reason SED might ask for the passphrase is that the two disks belong to different disk groups. To check which groups the disks belong to, run the following command from "C:\Program Files (x86)\PGP Corporation\PGP Desktop" (on 64-bit systems) or "C:\Program Files\PGP Corporation\PGP Desktop" (on 32-bit systems):

pgpwde --enum

The result will be similar to the following:

[Screenshot: PGP 1.JPG]

 

The solution is as follows:

If the additional disk is already encrypted and belongs to a different disk group, follow these steps:
1. Decrypt the additional drive:
pgpwde --decrypt --disk <external disk number> --user <username> --domain <domain_name> --interactive
2. Ensure it is not instrumented:
pgpwde --disk-status --disk <external disk number>
3. Run the following command to add the disk to the same group as disk 0 (the bootable disk with the OS). Use the --interactive switch so that the passphrase is not shown:
pgpwde --add-disk --base 0 --disk <external_disk_number> --user <username> --domain <domain_name> --interactive
4. Ensure the disk belongs to the same group as the bootable drive:
pgpwde --enum
5. Run encryption to secure the drive:
pgpwde --encrypt --disk <external disk number> --user <username> --domain <domain_name> --interactive
6. After a reboot, the additional drive can be accessed without typing the passphrase again after logging in to Windows.


If the additional disk is not encrypted, follow steps 3-6 above.
