Does anyone use a smart card reader to login?

Hey y'all looking to switch from fingerprint reader over to smart cards but I have a few questions about it.

My main question is can I use a smart card to login to a Linux system?

And if so
1) How secure is it?
2) Once you login to the system with it does the card have to stay pluged into the laptop?
3) Is it relatively fast?

Thanks for any help!

Wait thats a real thing? I thought that was a joke.

No this was a real thing at one point

Unfortunately I can't speak from a Linux perspective. But they do use smartcards at my work. For now, I'm pretty happy with it, and it seems to be a valid form of 2 factor auth.

It took me a minute to figure out what they were doing with it. Basically they have an IPKI setup where they can create, distribute, and revoke user certificates. The user certificates are password protected, and that's the password you use to login to your system. Your certificate is tied to your AD account, so when you login with your smart card, you're logging into Windows with your AD account. Happiness.

It does need to stay plugged into the laptop, if it is removed the computer will lock. I don't know how secure this lock process is vs CTRL+ALT+DEL.

The only slowdown in the login process, aside from getting the card in the slot, is sometimes Windows takes a few seconds to read from the card for some reason.

Never used it, but you should start with reading man pam_smartcard, I guess.

1) very secure
2) yes, it has to stay plugged in (there may be a setting to change that but the military turns it off if it does)
3) faster than typing in a password, about the same a typing in a pin