9.4. Understanding Smart Card Authentication

In the previous section, we discussed password policies and account lockout policies that increase security for Windows Server 2008. However, the standard account logon process is still fairly insecure due to the fact that a malicious attacker only needs a single piece of information—a password—to log on to the network. This problem is compounded by the fact that users or administrators probably would not detect a stolen password until after it had been used by a hacker to break into the system. Smart cards, which are similar in appearance to credit cards, solve both of these problems.

Smart cards store user certificate information in a magnetic strip (barcode) or on a gold chip on a plastic card. ...

Get MCTS Windows Server® 2008 Active Directory Configuration: Study Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.