We use a basic AD authentication for smartforms, and the whole thing is running on https.
We have some forms that we need people to sign. Generally I argue that they have already authenticated with the server, so we know that they are who they say they are. However, on a few critical forms it would be nice to have them re-verify their password (from AD) as their"signature". This would eliminate the possibility that someone walked away from their desk, and another user is not impersonating them.
Any thoughts? Worst case I can grab some other piece of personal info from the HR database and use that to verify them, but the ideal would be password.