Digital identification and, more importantly, the ability to exchange certified digital information, is the mantra of many network security strategies. Microsoft's solution to digital identification is CardSpace. Mark Kaelin shows you how to create one.
Digital identification and, more importantly, the ability to exchange certified digital information is the mantra of many network security strategies. With the proliferation of open communications networks, access to systems and data boils down to whether the system recognizes who is connected to the network more than whether that person can be granted access in the first place.
Many companies are vying to establish a standard way to create, authenticate, and transmit digital identification, but no solution has been able to establish control of the market. Microsoft's solution to digital identification is CardSpace. The company has begun rolling out this identification scheme to many of its Web sites. An individual using Windows Vista can create a personal CardSpace card that they can use to identify themselves to Web sites. This How do I... shows you how create a personal card and then how to pass it on to a Web site requesting the information.
Create a CardSpace personal cardTo start Windows CardSpace in Vista, click the Start button and type cardspace in the search box (Figure A). Alternatively, you can navigate to the Control Panel and click the CardSpace icon (Figure B).
Desktop search — CardSpace
Control Panel — CardSpaceThe first screen you will see is the Welcome to Windows CardSpace information screen, shown in Figure C.
Welcome to Windows CardSpaceFigure D shows you the Windows CardSpace page before any cards are entered. In theory, there will be several cards listed on this page — some will be personal and some will be sent to you by Web sites and other authentication sites. Identification cards received this way are called managed cards.
Windows CardSpaceTo add a card, click the Add a Card icon and then click the Add button (Figure E). Alternatively, you can click the Add a Card link located on the right-hand navigation menu.
Add a CardClick on the Create a Personal Card link to start entering your personal data (Figure F). If you had received a managed card, you would install it from this screen.
Create a Personal CardFill in the information requested and click the Save button when you are done (Figure G). Note: you cannot Alt-Tab out of these screens — you have to save or quit the process.
Enter personal dataYou can modify your new personal CardSpace card any time from the Edit screen (Figure H).
Edit screenOver time, some of the most important information about your personal Windows CardSpace card is going to be found on the View Card History screen (Figure I). To get to this screen, click on the View Card History link in the navigation menu on the right side of the main CardSpace screen.
View Card History
Send your personal card to a Web siteIf you spend much time on Web sites sponsored by Microsoft, you are likely to already have a Passport or Live account. In some cases, you can now use your newly created Windows CardSpace personal card to sign in to these Web sites. Figure J shows the login screen for Windows Live.
Windows Live loginThe first time you log in to one of these sites you'll enter your password as part of the process to add your personal Windows CardSpace card to the login system (Figure K).
Adding your personal CardSpace cardWhen you do, you will see a screen similar to the one shown in Figure L. The screen is asking you to confirm that you want to send a personal card to a particular Web site. This is where you can see certificate information for the Web site in question.
Sending the cardAfter sending your personal card, the Windows Live site notifies you that the card has been accepted (Figure M).
Your personal cardThe next time you visit the Web site, it will recognize you and ask you to log in using CardSpace (Figure N). You no longer need to remember your username and password — Windows CardSpace takes care of that for you.
Easy loginThe only thing you have to remember is which card to send (Figure O).
Picking the right card
This may seem like a lot of extra work just to log in to a Web site, especially a marginally important site like Windows Live. But you have to consider the future of digital identification and network security. Microsoft is just one of the companies trying to establish a simple yet robust certification, identification, and authentication standard. In the not-so-distant future, you will be required to identify yourself in a digital form that can be assured with authority. The only variable at this point is how that will be accomplished.
Stay on top of the latest XP tips and tricks with TechRepublic's Windows XP newsletter, delivered every Thursday. Automatically sign up today!