We have a bug in the code that handles automatic login on insertion of smart card where it fails to trigger. The issue is that the visible list and the trigger condition are not calculated the same way.
One easy way to trigger this is to have a card with a single user certificate, and the associated CA certificate. The visible list will filter out the CA certificate, but the login fails to trigger as it "sees" both certificates.
We have no such cards here, but you can provoke it with any card where you can construct a filter that only matches a single cert. Simply add a second filter after that which matches "Certificate signing" and "CRL signing". The second filter will cause the CA certificate(s) to also be included and screw up the logic.
A workaround is to add a filter that doesn't match the CA certificates. Most filters will do this and the default filter you get when you click "New" will probably work for most cards.
Tester should verify this problematic corner case, and do regression testing for other cases to make sure we trigger only when there is a single certificate in the filtered list.
Tested on Windows7 with cards
1) with a single [identification] certificate, which triggers autologin
2) with a [ROOT CA] and 2 [identification] and 2 [sign] which presents the correct dropdown selection of 2 certificates
3) with a [ROOT CA] and a [identification], which correctly triggers autologin (thu bugfix)
Filtering card 2) to show a single [identification] also correctly triggers autologin.