Smart Cards Provide Stronger Log-on Security

Beginning with Windows 2000, Microsoft has included built-in support for cryptographic smart cards, wallet-sized cards with a microprocessor and memory that securely stores unique digital identification data. Users in organizations that have an internal public key infrastructure (PKI) can use smart cards to log on to their computers or make secure connections with their organizations over the Internet via virtual private networks, without having to use and remember complex passwords. Now that standardized plug-and-play smart card readers are cheap and readily available, equipping computers to use smart cards is simple and inexpensive—less than US$50 per user for the reader and one card. Organizations benefit from stronger authentication security that greatly reduces the possibility that someone could inappropriately impersonate legitimate users and gain access to network resources, while lowering ongoing support costs by eliminating the costs of resetting lost or forgotten passwords.

Organizations are finally beginning to adopt smart cards in a big way: Royal Dutch/Shell Group is rolling out smart cards to 85,000 users, and Microsoft itself is beginning to issue smart cards to all of its virtual private network (VPN) users.