Rohos Logon Key v.5.0 preview

We are glad to announce Rohos Logon Key 5.0 early preview with improvements in the ‘2FA bypass control’ feature and better compliance with Microsoft Defender.

What’s new in Rohos Logon Key 5.0:

  • Improvements in the ‘2FA bypass control’ feature. Now the special option “Remember 2FA” allows defining a time interval in seconds to reduce possible false-positive alarms. Also ‘2FA bypass’ events are now added to the authentication event log with IP address information.
  • Java Card support module is temporarily removed from the setup package to comply with Microsoft Defender.

Download and install over the existing Rohos Logon app to try the new features:
Download the latest Rohos Logon Key v.5.0 (15-day trial full version).
For customers who ordered v.4.8-4.9, the update is still free!

About Rohos Logon Key

Rohos Logon Key adds strong two-factor authentication control for Windows login. Rohos lets you implement a multi-factor authentication decision solution in which you can combine different authentication devices: password, PIN code, smartphone, or strong authentication devices like a U2F key, YubiKey, Google Authenticator one-time password codes, SafeNet iKey tokens, or RFID cards. With Rohos you can protect standalone computers, Active Directory workstations, Terminal Servers, Azure and AWS workstations, or other remote assistance solutions like TeamViewer and AnyDesk.


Rohos Logon roadmap for 2022-23

Here we would like to share the items from the product roadmap briefly.

Currently in Rohos Logon Key roadmap list:

  • More robust two-factor authentication redundancy support for Windows.
  • Integrated two-factor authentication bypass control with push notifications in Rohos Logon mobile app, better detection for various remote tools, and unattended support tools like TeamViewer, AnyDesk, VNC, etc.
  • Further development of Rohos Logon Key for Android/iOS, with improvements and better push 2FA method support.
  • Better and smoother OTP self-enrollment, auto-enrollment for OTP in Active Directory.
  • MS Azure support via MS Graph integration.
  • Webhooks support for 2FA auditing and 3rd-party SIEM integration.
  • Development of a polymorphic setup file to avoid being detected and disabled in an automated way by malware or possible attackers.
  • Adding a subscription licensing type with included SLA support, updates, and Rohos SBOM data.

Rohos Disk Encryption v.3.2

This is an update where we rebuilt all binary components in a safe environment after strengthening our internal software development security. We also checked Rohos Disk with the latest Windows 11 and the new Google Drive “Stream Mode” feature. Both container-file and file encryption are compatible with the Google virtual drive letter. Rohos Disk is a good choice for vendor-independent End-2-End encryption for your Google Drive, OneDrive, or Dropbox files.

What’s new in Rohos Disk v3.2: 

  • Windows 11 Support tested and verified. 
  • Removed legacy authentication modules.
  • Removed Folder Virtualization feature from Rohos Disk Browser.
  • Fixed installation of the File Shredder tool (Explorer “Send To” command in the context menu).
  • Added a Smartphone authentication method that lets you use an Android/iOS phone as a key for your Encrypted Disk.

Rohos Logon Key v.4.9

We are glad to announce Rohos Logon Key 4.9 with a new feature: an audit trail for 2FA configuration changes.


Advice on setting up the admin account for OTP 2FA in conjunction with Rohos and remote access

We would like to share some advice regarding two-factor authentication and its use with an admin account when logging into Windows RDP. If it is not currently enabled, we strongly advise setting up the admin account for additional OTP authentication in conjunction with Remote Desktop access and Rohos Logon Key. Let’s review the pros and possible side effects.

Of course, using 2FA for the admin account is highly recommended, and definitely preferable to keeping it 1FA only. As a reminder, the default RDP login based on NLA credentials (user login and password stored in plain form in the .rdp connection file) on the client side is quite vulnerable now, since these credentials may be stolen and used by malware operators in an automated way, so the attack speed will be just 5-10 minutes. So today, the absence of additional authentication factors (2FA/MFA) is considered negligent. Moreover, due to recent developments in exploits and malware for the Windows operating system, desktop sessions created by regular user accounts may also be elevated to admin privileges in a domain or Active Directory (AD) with a high success rate, depending on your defense type (anti-virus type, EDR solutions, etc.). The variety of exploits for horizontal/lateral movement in AD is also huge. But of course, admin accounts are always a special target for cyber-criminals and are traded as a high-price asset on the darknet.
To summarise, you definitely need to start your 2FA cyber-security efforts from some point, and admin accounts are the right starting point, highlighting that you have a cyber-security strategy. This is especially true with Rohos, since it is very easy to start with and has a fixed one-time price.


Rohos Logon Key for Mac OS X 12 Monterey

We have updated the Rohos Logon Key setup package for compatibility with Mac OS X 12 Monterey.


Windows 11 support

This is a short announcement to confirm that all the latest versions of Rohos software products are fully compatible with the latest Windows 11 operating system. We continue to develop Rohos product line by adding new features according to our plans. We appreciate all of our users and customers for the valuable feedback while choosing Rohos cyber security solutions.

Rohos Software compatible with Windows 11: 

  • Rohos Logon Key, Rohos Logon Key free, Rohos Face Logon 
  • Rohos Disk Encryption, Rohos Mini Drive

Two-Factor Authentication bypass prevention control in Rohos Logon Key 4.8

We are glad to announce Rohos Logon Key 4.8 with automated prevention of ‘Two-Factor Authentication bypass scenarios’. The new experimental feature lets you get an immediate push notification on the smartphone when the Two-Factor Authentication (2FA / MFA) procedure is avoided during login/unlock or when reconnecting to console or remote sessions. Well-known system vulnerabilities that allow RDP session hijacking, never-ending stories with 0-day exploits in the RDP protocol or authentication system, unattended remote tools like TeamViewer, and 2FA credential theft through phishing and social engineering all lead to unpredictable threat models and risks.
Rohos Logon commits to experimental innovation to address these issues. Currently, the Rohos Logon Key app uses three simple rules to trigger push notifications and lock the session in case of a Two-Factor Authentication bypass. This allows defining response and mitigation in case of unknown vulnerabilities in the authentication procedure. The experimental approach works well for standalone Terminal Servers, AD farms, cloud servers in AWS or Azure, workstations, and personal laptops as well. In the future, we plan to add more rules and response actions that allow mitigating authentication vulnerabilities of the Windows system, Rohos, or human factors. Currently, Rohos Logon Key is the only 2FA application in the world that offers self-control backward loopback, starting from the login prompt to the RDP session desktop.


What are strategies for protecting against two-factor authentication vulnerabilities?

A long time ago, Microsoft admitted that the “game is over, if an attacker is landed inside your Active Directory” (“Mitigating Pass-the-Hash and Other Credential Theft”, version 2) with the following statement:

“Assuming breach requires a shift in mindset from prevention alone to containment after breach”

Meaning that no security software will help you from that moment on. With this statement, the Microsoft team accepted that 0-day vulnerabilities and exploits will continue to appear in the future. What lessons can security architects and experts learn from the Sunburst/SolarWinds case? Probably the statement may be expanded to a wider scope:

“Assuming ongoing breach executed in an unidentified past requires a shift in mindset from prevention to continuous containment”.

What if the breach has already happened but we don't know about it yet? Cyber-security vendors are now starting to offer solutions that include a new paradigm:

  • Breach Prediction and Threat Intelligence that monitors threat actors on the darknet, and the vulnerabilities and tactics they are going to use. This makes it possible to identify potential targets and the weaknesses that will be exploited.
  • Breach Detection and Response with security controls that continue to perform even in the containment phase (i.e. “game is over”). Make malware/RAT/APT operators move in the wrong direction and take the “wrong” things, while leaving more indicators of compromise and evidence in the IT infrastructure.


New Rohos Disk Encryption app for Android to access encrypted Google Drive folders

The new version of Rohos Disk for Android allows accessing folders on Google Drive/Dropbox/OneDrive encrypted by Rohos Disk Encryption on Windows. Rohos Disk is free by default with some limitations (10 files per folder).
