As a more secure alternative to password-based
authentication to the firewall web interface, you can configure
certificate-based authentication for administrator accounts that
are local to the firewall. Certificate-based authentication involves
the exchange and verification of a digital signature instead of
a password.
Configuring certificate-based
authentication for any administrator disables the username/password
logins for all administrators on the firewall; administrators thereafter
require the certificate to log in.