Using Smart Cards for Logon Access in Windows Server 2008



The ultimate in secured infrastructures use so-called smart cards for logon access; these smart cards are fully supported in Windows Server 2008. A smart card is a credit card–sized piece of plastic with an encrypted microchip embedded within. Each user is assigned a unique smart card and an associated PIN. Logging on to a workstation is as straightforward as inserting the smart card into a smart card reader and entering in the PIN, which can be a combination of numbers and letters, similar to a password.

Security can be raised even higher by specifying that when the smart card is removed, the user is automatically logged off the console. In this scenario, users insert into the smart card reader a smart card that is physically attached to their person via a chain or string. After entering their PIN, they log on and perform all necessary functions. Upon leaving, they simply remove the smart card from the reader, which automatically logs them off the workstation. In this scenario, it is nearly impossible for users to forget to log off because they must physically detach themselves from the computer to leave.