Smartcard based Windows Logon with any Certificate

Smartcard based Windows Logon with any Certificate

If you use a smart card, you need to link the Chip Card Certificate with the credentials. Any certificate will work. There is no need that the certificate is issued by a domain CA nor is it required that the machine is member of a domain.

To do so please call “Encrypt Credentials” from the Windows Start Menu OR “Card Credentials” from the Aloaha System Tray Menu. The left dialog will open.

You need to type in your windows password, choose the smart card to be used and click “Set Credentials”.

A Softtoken will be created and saved to <Installdir>CredentialStore. That Token contains some settings, the public part of the card certificate and a smart card encrypted secret.

ONLY the private key of the chip card is able to de-crypt this secret!

Now you are already able to logon with your card to your windows system.

In some cases it might be required that you need to assign a smart card to a different user than suggested. In that case please start SmartLogin_SetCredentials.exe with the parameter /e from the Aloaha installation folder. The tool will allow you then to edit all fields.

 

 

New CodeB Credential Provider

Make sure to check out our latest offering, the CodeB Credential Provider. This new solution is designed around the updated Windows Credential Provider V2 interface, entirely built using managed code. If you're considering logging into your machine using MIFARE, DESFIRE, Memory Stick, X509 PKI Card, or a straightforward TOTP Authenticator, our brand-new Credential Provider is the perfect fit for you.

Learn more HERE or https://www.win-logon.com/credential-provider/

You might also want to read: Utilizing X.509 Certificate/Smartcard for Secure Windows Login with CodeB Credential Provider