Click here to get back home

Using a flash drive instead of a smart card.
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Using a flash drive instead of a smart card. Andrew 04-28-2008
Posted by Andrew on April 28, 2008, 1:25 am
Please log in for more thread options
 Is there a way to use a flash drive in place of a smart card for a logon
requirement?

Posted by Anthony [MVP] on April 28, 2008, 3:27 am
Please log in for more thread options
 You can use a USB drive that also contains the chip required for smart card
logon, for example this one: http://www.gemalto.com/enterprise/SEG.html
Anthony,
http://www.airdesk.co.uk




> Is there a way to use a flash drive in place of a smart card for a logon
> requirement?



Posted by S. Pidgorny on May 9, 2008, 7:14 pm
Please log in for more thread options
But you cannot use external storage of certificates other that smart cards.

That makes sense, considering the main objective of using smart card is
portection of the private key. And you can copy anything from a
general-purpose device and file system, defeating the purpose of smart card
logon - binding logon credential to single physical device.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

> You can use a USB drive that also contains the chip required for smart
> card logon, for example this one:
> http://www.gemalto.com/enterprise/SEG.html
> Anthony,
> http://www.airdesk.co.uk
>
>
>
>
>> Is there a way to use a flash drive in place of a smart card for a logon
>> requirement?
>
>



Posted by Steve Riley [MSFT] on April 29, 2008, 11:06 pm
Please log in for more thread options
Remember that a smartcard is a container for an X.509 digital certificate.
It's the identity claim in the certificate, and the associated private key
stored on the smart card, that are used for authentication.

I don't know of any products that store X.509 certificates on USB drives.
Perhaps http://www.gemalto.com/products/usb_shell_token_v2/ would work for
you, though.

--
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com



> Is there a way to use a flash drive in place of a smart card for a logon
> requirement?


Similar ThreadsPosted
Secrity applications that run on USB flash drive April 29, 2006, 11:06 am
Smart Card Login + Certificate Login to AD -> Lost smart card December 15, 2005, 10:03 pm
Smart card reader and card supplier in Australia May 5, 2008, 10:37 pm
Re-initialize smart card June 3, 2005, 8:34 am
Smart Card - two readers December 8, 2006, 8:28 am
smart card offline logon July 7, 2005, 9:02 am
Base Smart Card CSP Update December 7, 2005, 3:12 pm
Q: Seconary certificate on a smart card August 5, 2006, 6:24 am
Question Regarding Smart Card Deployment September 12, 2007, 2:16 pm
Smart card enrollment issues April 29, 2008, 8:23 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap