• Customer wants to disable password logins to ESXi for security purposes.
• Customer wants to utilize Smartcard Authentication to log in to ESXi.

ESXi 7.0

ESXi 8.0

Smartcard authentication can be configured and utilized for logging into the vCenter web client. This leads to questions about whether Smartcard can be configured for ESXi logins, to further increase security.

Smartcard authentication for ESXi is currently only a feature for the ESXi Direct Console User Interface (DCUI), and is not a feature for the host client (web UI).

Strict Lockdown mode can be enabled for ESXi to restrict root login to ESXi. See Enabling or disabling Lockdown mode on an ESXi host.

To configure Smartcard authentication for DCUI, see Configuring Smart Card Authentication for ESXi.

To open a feature request to Broadcom, for example to request Smartcard for the ESXi host client (web UI), please review Submit a VMware feature request.