Tuesday, February 7, 2017
Could not Logon to Windows as it asks for a Smart Card that I have never Used
Could not Logon to Windows as it asks for a Smart Card that I have never Used
Issue : When I booted my computer up and typed in my username and password it gave me an error. It said that I needed a smart card to login. I dont use smart cards.I retyped the password thinking I might have entered incorrect password but it gave me the same error.I tried to login with another user account but again the same error.So I think I accidentally enabled this policy in registry.
Solution: This happened because I accidentally configured my Windows system to allow only smart card logon.Smart Cards are a portable, secure and a tamper-proof way to provide security solutions for tasks such as client authentication, logging on to domains, code signing, and securing e-mail. You can use smart cards to also log on to your Windows 7 / 8 computers.
You may find the same error or logon option sometimes with Remote Desktop Connection.Here are some picture I want to share with you that you may see when encounter any such problems.
Disable Force Smart Card Login
If a problem prevents you from logging in to Windows with a smart card, start your computer in safe mode and disable this security feature.Smart Card Login option will not be available in Safe Mode. Whether you log in with a physical or virtual smart card, Windows stores your settings in the Windows NT Registry. If youre able to log in to Windows, you can disable smart card login for future sessions by editing your local group policies. Disabling the Smart Card Plug and Play service removes the option to insert a smart card when logging in.
1. First of all log in to Windows in Safe mode, this can be achieved by pressing F8 key while the computer is booting.
2. From the options available, pick Safe mode with networking and hit Enter. Then log on to the computer by using administrative credentials.
3. Press Windows Key + R combination, type Regedt32.exe in the Run dialog box and hit Enter to open the Registry Editor.
4. Navigate to the following key:
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem
5. In the right pane of this location, you’ll find a DWORD named scforceoption. Since your computer allows Smart Card logon only, the DWORD shows the Value data equals to 1.
6. In the Value Data field, change the current value of “1” to “0” and click “OK.”
7. Close Registry Editor and restart your computer in normal mode. The login screen prompts you to enter your username and password rather than insert a smart card.
Note: - Do note that this settings will be reset back to the default setting which is Value ‘1’, after 90 minutes, when the next Group Policy refresh takes place.
Disable Smart Card Plug and Play Service
1. Press Windows Key + R combination, type gpedit.msc in the Run dialog box and hit Enter to open the Local Group Policy Editor.
2. Navigate to "Computer Configuration>Policies>Windows Settings>Local Policies>Security Options>Interactive logon: Require smart cards"
3. Right-click “Interactive logon: Require smart cards” and select “Edit.” In the Properties dialog, select “Disabled” to turn off this service
4. Now navigate to "Computer Configuration>Administrative Templates>Windows Components>Smart Card>Turn On Smart Card Plug and Play Service"
5. Right-click “Turn On Smart Card Plug and Play Service” and select “Edit.” In the Properties dialog, select “Disabled” to turn off this service and remove the smart card option from the login screen. Click “Apply” and “OK” to save your changes.
For detailed information on Smart Card policy implementation read the following articles.
https://technet.microsoft.com/en-us/library/ff404287(v=ws.10).aspx
https://technet.microsoft.com/en-us/library/cc757921(WS.10).aspx
Incoming Search Terms
smart card
windows login screen
windows needs smart card to login
login issue
no smart card
can not login
disable smart card login
force smart card login
remote desktop need smart card to login
Solution: This happened because I accidentally configured my Windows system to allow only smart card logon.Smart Cards are a portable, secure and a tamper-proof way to provide security solutions for tasks such as client authentication, logging on to domains, code signing, and securing e-mail. You can use smart cards to also log on to your Windows 7 / 8 computers.
You may find the same error or logon option sometimes with Remote Desktop Connection.Here are some picture I want to share with you that you may see when encounter any such problems.
 |
| Smart Card Login |
 |
| Smart Card Login |
 |
| Smart Card Login |
 |
| Smart Card Login |
If a problem prevents you from logging in to Windows with a smart card, start your computer in safe mode and disable this security feature.Smart Card Login option will not be available in Safe Mode. Whether you log in with a physical or virtual smart card, Windows stores your settings in the Windows NT Registry. If youre able to log in to Windows, you can disable smart card login for future sessions by editing your local group policies. Disabling the Smart Card Plug and Play service removes the option to insert a smart card when logging in.
1. First of all log in to Windows in Safe mode, this can be achieved by pressing F8 key while the computer is booting.
2. From the options available, pick Safe mode with networking and hit Enter. Then log on to the computer by using administrative credentials.
3. Press Windows Key + R combination, type Regedt32.exe in the Run dialog box and hit Enter to open the Registry Editor.
4. Navigate to the following key:
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem
 |
| Disable Smart Card Login |
 |
| Disable Smart Card Login |
6. In the Value Data field, change the current value of “1” to “0” and click “OK.”
7. Close Registry Editor and restart your computer in normal mode. The login screen prompts you to enter your username and password rather than insert a smart card.
Note: - Do note that this settings will be reset back to the default setting which is Value ‘1’, after 90 minutes, when the next Group Policy refresh takes place.
Disable Smart Card Plug and Play Service
1. Press Windows Key + R combination, type gpedit.msc in the Run dialog box and hit Enter to open the Local Group Policy Editor.
2. Navigate to "Computer Configuration>Policies>Windows Settings>Local Policies>Security Options>Interactive logon: Require smart cards"
 |
| Disable Smart Card Login |
 |
| Disable Smart Card Login |
5. Right-click “Turn On Smart Card Plug and Play Service” and select “Edit.” In the Properties dialog, select “Disabled” to turn off this service and remove the smart card option from the login screen. Click “Apply” and “OK” to save your changes.
For detailed information on Smart Card policy implementation read the following articles.
https://technet.microsoft.com/en-us/library/ff404287(v=ws.10).aspx
https://technet.microsoft.com/en-us/library/cc757921(WS.10).aspx
Incoming Search Terms
smart card
windows login screen
windows needs smart card to login
login issue
no smart card
can not login
disable smart card login
force smart card login
remote desktop need smart card to login
Available link for download
