Elektroda.com
Elektroda.com
X
Elektroda.com

- logging in using a smart card

5151 9
This content has been translated » The original version can be found here
  • Level 13  
    If I buy any of the following cards, can I use it in windows as a login using a smart card.

    CHIP

    https://pl.aliexpress.com/item/10-pcs-lot-Con...073_10102_10096_10052_10050_10107_10051_10106, searchweb201603_0, afswitch_5 & btsid = 55a024c3-6206-45d2-bc18-23a4b8ba2d43

    NFC

    https://pl.aliexpress.com/item/5pcs-UID-IC-ca...-S50-MF1-libnfc-RFID-13/32480648720.html?spm= 2114.010108.3.320.70Al6k & ws_ab_test = searchweb0_0, searchweb201602_0_10065_10068_10000009_10084_10083_10080_10082_10081_10060_10062_10056_10055_10054_10059_10099_10078_10079_426_10103_10073_10102_10096_10052_10050_10107_10051_10106, searchweb201603_0, afswitch_5 & btsid = e8693707-cf73-4d09-9031-126168ede794
    or
    https://pl.aliexpress.com/item/White-10Pcs-Pa...-RFID-Readable-Writable/32605721999.html?spm= 2114.010108.3.58.70Al6k & ws_ab_test = searchweb0_0, searchweb201602_0_10065_10068_10000009_10084_10083_10080_10082_10081_10060_10062_10056_10055_10054_10059_10099_10078_10079_426_10103_10073_10102_10096_10052_10050_10107_10051_10106, searchweb201603_0, afswitch_5 & btsid = e8693707-cf73-4d09-9031-126168ede794
  • Level 38  
    Hello,
    it is possible.

    However, you need a proper reader of these cards along with the software that will enable alternative login.
    For example, I have a notebook with a fingerprint reader, the appropriate software allows you to log in by entering a password or by dragging your finger through the sensor (previously I had to enter all acceptable fingerprint patterns during installation).

    greetings
  • Level 10  
    I'm afraid not. You may be able to store your certificate and keys on them, but it's not the same. Rather, they are memory cards, simply having a certain amount of secure (pin protected) eeprom memory. They do not have a processor responsible for cryptographic functions, key generation and certificate management. So these are not typical smart cards. I've never played NFC, only contact cards, but it looks like you'll have the same problem with them.
    greetings
    Dragon.
  • Level 13  
    If you cannot use capacitive cards to log in to windows, then where can you buy cards that are suitable for that.
    Somehow, I can't find a microprocessor card on aliexpress

    I am interested in buying about 10-20 pieces of cards.
  • Level 10  
    I do not know how the case looks quantitative (do they sell small quantities), I also did not want to do surreptitious advertising, but since you ask ... I bought my test cards at CryptoTech in Krakow: http://www.cryptotech.com.pl/. I can recommend them as implementation partners.
    You must also be aware that in addition to purchasing cards, you will need to implement (if you do not already have) AD (or other network system supporting login with a smart card) and PKI in your network. I have not heard of the fact that smart card login can be implemented on self-signed certificates (besides, it makes average sense outside the laboratory environment).
    greetings
    Dragon.
  • Level 13  
    https://www.mysmartlogon.com/nfccsp/

    I am looking for the best free alternative to the above program.

    from what I understood, the windows server has the built-in ability to use only chip cards with a microprocessor, the price of the cards is about PLN 75 and it does not support proximity cards, e.g. MFare or capacitive chip cards.
    Here you need to look for alternatives in the style of aloaha or mysmartlogon.
    The price for mysmartlogon is 15 euros for one computer while aloaha is about 230 zlotys, i.e. acceptable
    However, I have a big reservation about security
    I am not sure, but aloaha, I probably simulate a keyboard, i.e. I put the card on and the data are entered in plain text, i.e. the certificate is not stored on this card.
    @ is-smok - I tried to contact cryptotech but they do not answer the phone, could you reveal how much you paid for the card for testing and possibly provide the model of this card and information whether you used it to log in to windows using windows software
  • Level 10  
    Unfortunately I can't give you the price. The card model is Carbon. It has both a qualified and non-qualified signature element. Yes, it works without any problems with the PKI World Championship (ADCA), also in terms of logging into workstations.
    greetings
    Dragon.
  • Level 1  
    I have a question for you regarding logging in using a wifi network card, the point is that I created the .crt certificate and the key .key, if downloading the certificate is not a problem, I am not able to upload the key to the smartcard.
    I need to upload the wifi key, but I have a problem with it, so I decided to check my other openvpn, ipsec certificates and certificates imported correctly, but the keys do not. Does anyone have an idea how to solve this dilemma?
    PS.
    Certificates and keys are generated using openssl, maybe in the case of smartcard, you need to generate them differently, but I found nue on the internet.
  • Level 10  
    I didn't play with openssl certificates, but in Windows CA there is such a function as "mark the key as exportable" in the certificate template. Maybe there is something like this here? The key import is done via the card's middleware and you may need to look for something in the software's documentation.
    Dragon.
  • Level 15  
    Software Required. I used a program that locks / unlocks the computer. It is associated with the access control system. I left the room - the computer is locked.