Paradoxically, you should remove the smart card when logging on with a smart card

Raymond Chen

To connect to the Microsoft corporate network from home, employees need to use smartcard authentication. But, somewhat paradoxically, you do better if you remove the smart card. A colleague of mine tipped me off to this. To initiate the connection, you have to insert the smart card and provide the smart card password. Then the system connects to Microsoft and validates both the smart card and password. During this time, you can see the smart card access light blink on and off, and an “elapsed time” meter will start running. Once the elapsed time reaches five seconds, remove the smart card. The actual authentication happens in five seconds; the rest of the time is doing other validation, quarantining your system, confirming that you have all the necessary patches, that sort of thing. Some of those operations in turn require authentication, and if you leave your smart card in the reader, the system will try to authenticate with the smart card (slow) even though that isn’t the authentication it needs. If you remove the card, then the system won’t try to use the smart card, and the rest of the logon process will go much faster.

This tip may not work for other people who use smart cards for authentication, but it works for me to connect to Microsoft. What used to take thirty seconds now takes just seven.


Discussion is closed.

Feedback usabilla icon