[pjc50]

Likely causes:

1) PC is desperately under-provisioned, probably several years old and upgraded to Windows 10

2) Too large roaming profile (easy situation to get into and hard to spot other than "it's slow")

3) Too slow AD profile server to get the large profile from

4) Internal websites "should" use NTLM authentication if available, which would remove the requirement to log in again, but forwarding this outside the domain properly is remarkably hard

5) Smartcard auth can offer the dropin use case with no typing, but it's a pain to provision and costs more

In many cases you'd be better off with an IBM 3270 terminal but with higher resolution text and images...

In my previous job we built a Windows CE-based system that let you log in instantly by tapping a keyfob and brought the screen you were last using up anywhere on the site, running on fifteen-year-old hardware. It was for selling beer.

[amaccuish]

My sister works in the NHS. It's all smartcard based. Also kerberos could achieve the same as NTLM for SSO and is more secure, and less complicated in multi-domain setups, since the client does all the hard work rather than servers having to contact remote DCs themselves.

[lousken]

Also 100Mbps networking, still a possibility even in 2020

[klohto]

Are you implying that 100Mbps is not enough? Most people live fine with 20Mbps, why would they need 100?

[lousken]

If you have a server that is connected via 100Mbps link to the entire network, yea, it's not enough. When multiple clients are hitting it e.g. during login, downloading updates from wsus etc. it will be painfully slow

[raverbashing]

Ah roaming profiles, one of the best worse ideas in the MS world

Better if you can replace it with a CIFS mount

[sansnomme]

Instead of IBM, just use a Bloomberg terminal. It is as secure if not much more than all those security checklist-ticking healthcare software. For good or for bad, a lot more money is on the line for Bloomberg than e.g. a personal data breach in healthcare.

[DanBC]

> probably several years old and upgraded to Windows 10

...probably still running Windows 7.

[hollander]

Probably 5 years old or older, maybe only 2GB of RAM, and back then already underpowered.

[blattimwind]

...upgraded from Windows XP.

[liveoneggs]

anti virus is way more likely and I agree (been in a hospital setting before) that a terminal/ssh-based system would be better for most stuff.