Windows optimize

How do I... Create and use a Microsoft CardSpace personal digital identification card?


Digital identification and, more important, the ability to exchange certified digital information, is the mantra of many network security strategies. With the proliferation of open communications networks, access to systems and data boils down to whether the system recognizes who is connected to the network more than whether that person can be granted access in the first place.

Many companies are vying to establish a standard way to create, authenticate, and transmit digital identification, but no solution has been able to establish control of the market. Microsoft's solution to digital identification is CardSpace. The company has begun rolling out this identification scheme to many of its Web sites. Individuals using Windows Vista can create a personal CardSpace card that they can use to identify themselves to Web sites. This How do I... shows you how create a personal card and then how to pass it on to a Web site requesting the information.

This blog post is also available as a TechRepublic download and gallery.

Create a CardSpace personal card

To start Windows CardSpace in Vista, click the Start button and type cardspace into the search box (Figure A). Alternatively, you can navigate to the Control Panel and click the CardSpace icon (Figure B).

Figure A

Desktop search -- CardSpace

Figure B

Control Panel -- CardSpace
The first screen you will see is the Welcome To Windows CardSpace information screen shown in Figure C.

Figure C

Welcome To Windows CardSpace
Figure D shows you the Windows CardSpace page before any cards are entered. In theory, there will be several cards listed on this page -- some will be personal and some will be sent to you by Web sites and other authentication sites. Identification cards received this way are called managed cards.

Figure D

Windows CardSpace
To add a card, click the Add A Card icon and then click the Add button (Figure E). Alternatively, you can click the Add A Card link located on the right-hand navigation menu.

Figure E

Add A Card
Click on the Create A Personal Card link to start entering your personal data (Figure F). If you had received a Managed Card, you would install it from this screen.

Figure F

Create A Personal Card
Fill in the information requested and click the Save button when you are done (Figure G). Note, you cannot Alt+Tab out of these screens -- you have to Save or quit the process.

Figure G

Enter personal data
You can modify your new personal CardSpace card any time from the Edit screen (Figure H).

Figure H

Edit screen
Over time, some of the most important information about your personal Windows CardSpace card is going to be found on the View Card History screen (Figure I). To get this screen, click on the View Card History link in the navigation menu on the right side of the main CardSpace screen.

Figure I

View Card History

Send your personal card to a Web site

If you spend much time on Web sites sponsored by Microsoft, you are likely to already have a Passport or Live account. In some cases, you can now use your newly created Windows CardSpace personal card to sign into these Web sites. Figure J shows the login screen for Windows Live.

Figure J

Windows Live login
The first time you log in to one of these sites, you'll enter your password as part of the process to add your personal Windows CardSpace card to the login system (Figure K).

Figure K

Add you personal CardSpace card
When you do, you will see a screen similar to the one shown in Figure L. The screen is asking you to confirm that you want to send a personal card to a particular Web site. This is where you can see certificate information for the Web site in question.

Figure L

Send the card
After sending your personal card, the Windows Live site notifies you that it has been accepted (Figure M).

Figure M

Your personal card is accepted
The next time you visit the Web site, it will recognize you and ask you to log in using CardSpace (Figure N). You no longer need to remember your username and password -- Windows CardSpace takes of that for you.

Figure N

Login made easy
The only thing you have to remember is which card to send (Figure O).

Figure O

Pick the right card

The future

This may seem like a lot of extra work just to log in to a Web site, especially a marginally important site like Windows Live. But you have to consider the future of digital identification and network security. Microsoft is just one of the companies trying to establish a simple yet robust certification, identification, and authentication standard. In the not-so-distant future, you will be required to identify yourself in a digital form that can be assured with authority. The only variable at this point is how that will be accomplished.

About

Mark Kaelin is a CBS Interactive Senior Editor for TechRepublic. He is the host for the Microsoft Windows and Office blog, the Google in the Enterprise blog, the Five Apps blog and the Big Data Analytics blog.

5 comments
jmorley0214
jmorley0214

Worth a try for sure. I would sure like to have a different complex password for each important site I log in to (Schwab, banks, etc. and some not so important but so public my password might be lifted).

johnspamnicht
johnspamnicht

The cool thing about CardSpace is that it comes by default in Vista (and XP, if you take the update), and that it plays nicely with OpenID. With OpenID, you can authenticate yourself to multiple web sites using the methods you choose (username/password, and/or a SecureID token.)

Mark W. Kaelin
Mark W. Kaelin

There are plenty of "solutions" floating around these days regarding digital identification and authentication. While I understand the basics of Windows CardSpace I am having difficult time seeing this technology becoming an adopted standard. How do you see digital identification shaking out? Do you think a certain strategy works better than the rest and therefore has the upper hand?