Does your MFA provider support offline Windows Logon and RDP authentication?
April 18, 2022 •
Are you a Windows user and need remote access to your laptop or desktop? With remote work continuing to permeate our workplaces, logging in remotely to a Windows system persists as a common and often insecure activity that users across the globe perform every day.
Many administrators correctly want to add a layer of security to that login process with multi-factor authentication (MFA), but have concerns about implementation, usability, and limiting users’ login options.
There are fair concerns, but it’s important to remember that not all MFA providers are made equally!
Securing remote access to Windows with LoginTC MFA makes it easy for end users to enroll and log into Windows Logon and RDP protected applications, and easy for administrators to manage. Part of the reason why LoginTC is the preferred solution for many users and administrators is that it works both online and offline for Windows Logon. This unique technology allows users to stay secure no matter where they are and what connection they have.
How exactly is LoginTC able to do this? Let’s dive deeper.
As we know, LoginTC acts as the authenticator for your MFA protection on your device. With Windows Logon you have multiple options that work both online and offline for Windows logon. When signing in to your account: online authentication methods such as Push notifications, Software OTP (generated in LoginTC app), Hardware token, SMS, Phone call, and Bypass codes. There’s also offline authentication options such as a QR scan, and Offline Bypass codes. The offline QR scanner is a tool used to help local Windows users to log into their laptop securely using two-factor authentication without a Wi-Fi network.
But exactly what problem does the Windows Logon Connector solve?
Normally, Windows allows users to log in when offline and the only time it wouldn’t is if the computer’s administrator configured it that way. Even if it’s configured that way, adding a second factor of authentication is difficult because it wouldn’t be invoked until after the user enters their correct username and password.
The problem that the LoginTC QR scanner solves is let’s say an administrator is security conscious (not a bad thing!) and restricts their users laptops to require a network connection to their corporate network; the LoginTC Windows Logon & RDP Connector could potentially relax that requirement knowing that LoginTC would add offline MFA. Windows allows users to log in when offline using the QR Code scanner.
The QR scanner works like this: Once you enter your username and password, the LoginTC window will then be invoked, showing a QR code for you to scan. Once you scan the QR code in the app, it will display a 6-digit code, allowing you to login securely, all while being completely offline. The great thing about this feature is that you can still utilize first factor password authentication while also leveraging your two-factor authentication process.
Another option for offline authentication are Offline Bypass codes. To login offline using this method, the user must enter a 9-digit Offline Bypass Code, which can be given to them by their IT administrator. Offline bypass codes are generated each time a user logs in online and can be found on the users page in the LoginTC Admin Panel. You can read more about offline bypass authentication here.
If you want to learn more about offline authentication and all the authentication methods that LoginTC offers, reach out at sales@cyphercor.com.