Windows Virtual Smart Card Login on Shared Computers RRS feed

  • Question

  • My organization has a two factor authentication requirement and I would like to explore Windows Virtual Smart Cards as a possible solution.

    Two hurdles that I am running into are the limit of virtual smart card instances per workstation and the availability of all user certificates at the login screen. Our technicians work in shifts and share workstations. They have their own logins, but work off of the same computers.

    How feasible is it to provision a smartcard for a user at login, populate it with multiple certificates (for each of their admin administrative accounts), and teardown that instance at logoff? That would enable my users to have certificates for logon via RDP and ssh (two factor for administrative accounts). 

    Or is there a better way to do this? I am aware of Yubikey and RSA... I am talking about efficient ways of managing windows virtual smart cards on shared workstations specifically.

    Sunday, October 28, 2018 5:05 PM


All replies