Forcing the usage of smart cards for logons inside enterprise networks provides enhanced security and a stronger authentication as the user PIN directly depends on the presence of another physical layer, the smart card itself. Also it is a pretty functional method of supplying couple of different AAA requirements in a single user device for multiple access types such as VPN (such like I have explained here before), remote desktop connections, digital signing or a local encryption (~ EFS).

more