locked
Windows logon with certificate in the certificate store RRS feed

  • Question

  • Hello,

    We have a PKI and we don't want to purchase external devices to store certificate securely. However we would like the user to use 2 factors authentication with a certificate . 

    By putting a a certificate we issued in the OS certificate store (that will be stored in the registry), therefore the certificate is stored on the machine.

    I was wondering if it was possible for a user to authentication at logon with the AD password and the certificate on the machine? In summary is the GINA able to check the certificate in the registry at logon? 

    Cheers

    M.

    Wednesday, May 4, 2011 9:58 AM