• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Smart Card Reader

roguerower

roguerower

Diamond Member
I've got a smart card reader on my laptop and was thinking about possibly buying a smartcard to use as a physical protection against someone using my computer. Is it viable or should I just use a password?

Does anyone know where I could get one of these?
 
For the specific application you are inquiring about, the smart card is designed primarily for domain logons, not machine logons. It's for physical authentication to financial institutions, your corporate network, or any other domain that doesn't want to take a chance that you chose a poor password, or malware you installed compromised your information.

Not really viable: if you accidentally leave the card in the slot (or someone snatches it), anybody with physical access to the machine has access to your files. And they're kinda expensive, too (over $100, I think).

A password consisting of at least eight characters with a combination of uppercase & lowercase letters, numbers and special characters is virtually unguessable and unbreakable. For example, !paSswoRd1 is considered to be a strong password. Make sure any additional accounts on the machine are either disabled or also have strong passwords.

You can also add password protection to your BIOS.
 
You can lose a smart card.
One can still take the hard drive out of your PC and plug it in as a secondary drive and read all your delicious datas.
 
It's doable. You can buy smartcard readers and couple of cards for about $100.

Essentially, the smartcard acts as a store for a security 'certificate'. Certificates are used by software to verify your identity and to encrypt data.

E.g. Windows encrypted file system uses a certifcate to encrypt your files, so that only your login can acccess them. With a smartcard, it is possible to delete the certificate off the hard drive and install it on the smartcard. The certificate will only be available to windows while the smartcard is in the reader, and the smartcard has been activated by your password.

Similarly, certificates are used for logging into secure websites, or logging into secure networks (e.g. corporate). It is possible to configure windows to require a certificate instead of a username+password (and therefore you can use a smartcard login) - but this alone doesn't do anythign to secure your data.

Smartcards are more secure than usename/password. The smartcard is deactivated when removed from the reader, and must be reactivated with a password. The password is checked in the hardware of the card - and the card will lock-out or self-destruct after too many incorrect attempts.

The smartcard is also copy-proof. Someone can't just look over your shoulder and note down your usename/pw. They actually have to have the physical card in their hands, together with your password.

I've never actually set up a smartcard for windows, so I don't really know how easy or hard it is, but I've used several systems that use smartcard security in Windows - and they work, but are inconvenient. You can't log into 2 comps on the same network at the same time, and everytime you take the card out, you get forcibly logged out.

 
Regarding your concerns, are you simply worried about a friend/room mate using your notebook without permission or are you talking about more malicious activities, access to your data, etc?
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top