Two-Factor Authentication bypass prevention control in Rohos Logon Key 4.8

/in , /by

We are glad to announce Rohos Logon Key 4.8 with automated prevention over ‘Two-Factor Authentication bypass scenarios’. The new experimental feature allows to get an immediate push notification on the smartphone when the Two-Factor Authentication (2FA / MFA) procedure is avoided during login/unlock or reconnecting to console or remote sessions. Because of well-known system vulnerabilities that allow RDP session hijacking, never-ending stories with 0-day exploits in RDP protocol or authentication system, and unattended remote tools like TeamViewer or 2FA credentials theft during fishing and social engineering – all these lead to unpredictable threat models and risks.
Rohos Logon commits to experimental innovation to address these issues. Currently, Rohos Logon Key app uses three simple rules to trigger push notifications and lock the session in case of Two-Factor Authentication bypass. This allows for defining response and mitigation in case of unknown vulnerabilities of the authentication procedure. The experimental approach works well for standalone Terminal Servers, AD farms, cloud servers in AWS or Azure, workstations, or personal laptops as well. In the future, we plan to add more rules and response actions that allow mitigating authentication vulnerabilities of Windows system, Rohos or human factors. Currently, Rohos Logon Key is the only 2FA application in the world that offers self-control backward loopback, starting from the login prompt to the RDP session desktop. Read more about how it works.

Read more

MFA for Remote Desktop access with U2F FIDO security keys in Rohos Logon Key v.4.7

/in , , /by

Rohos Logon Key v.4.7 now has multiple improvements, allows using U2F FIDO security keys as a second authentication factor for Remote Desktop access. This makes Rohos absolutely unique solution that allows using U2F keys for Remote Desktop 2FA login as well as console-based login.
We also added an experimental feature to Rohos Logon to work as a password filler for the LastPass browser extension (experimental).

During pandemic remote access became very popular and sometimes mandatory due to restrictions. Rohos Logon Key allows protecting remote access with convenient two-factor authentication. Rohos may easily work over a classic Microsoft RDP as well as other popular solutions like TeamViewer, AnyDesk, VNC, UltraVNC, MagicConnet , Proxy Networks, LogMeIn, pcAnywhere etc. Currently Rohos Logon Key is the only solution that allows to protect Terminal Server remote access with U2F security keys which is being considered as the strongest authentication factor today.

What’s new in Rohos Logon Key v.4.7 :

  • Added a possibility to use U2F FIDO security keys for Windows remote desktop access. RemoteFX device redirection option in MS RDC should be used by Network Admins, to setup U2F keys on TS host side. “Rohos Logon Key compact” setup should be installed on client PC. More details read below.
  • Added support of 16/32 bytes HOTP tokens/keys and other minor improvements for One-Time-Password MFA method.
  • Added support for Omnikey RFID readers.
  • Added support for LastPass automated login with Rohos MFA Key, by inserting a password right to LastPass plugin via web browser extension. Rohos may enter your password right to LastPass login screen in Chrome/Firefox or some website. Current MFA Key is used as password storage. This is an experimental feature for those who prefer to keep LastPass locked after inactivity timeout.
  • Minor Improvements in Rohos Logon Key Push token MFA method. Added possibility to setup Smartphone login without entering user account password.
  • Added a possibility to enter a specific Username in the “Setup Key” dialog box, which allows to setup a key for users which cannot be resolved with the “Select Users” dialog provided by Windows API.
    Improvements with Emergency Logon functionality with an online user account (email address is used).
  • Improvements with Emergency Logon functionality with online user account (email address is used).
  • Added a possibility to display Message Box in RDP login screen, thus populating Remote Access dialog full screen allowing user to enter OTP credentials (by using RDP_notice registry value).
  • Fixed issue with “Setup Key” dialog box when user password is empty
  • Added a possibility to Add MFA keys with a flag “user must enter password during next MFA login”. That allows to setup keys/cards without entering user account password.
  • Rohos Management Tools update.
  • Other bug fixing.
Read more

Rohos Logon Key v.4.6 update

/in , /by

We continue to improve Rohos Logon Key towards intelligent Multi-Factor Authentication decision framework. With new Rohos Logon Key 4.6 you can use multiple kind of authentication methods and devices in parallel.  Now you can introduce a new MFA authentication procedure on-the-fly without stopping using the current old one. Starting a pilot with a new authentication device was never such easy as now with Rohos Logon.

Read more

Rohos roadmap for 2020-21

/in /by

SafeJKA SRL is glad to share Rohos software roadmap for 2020(21) year.

Read more

Rohos Face Logon 4.3 with adaptive face recognition level

/in , /by

We are glad to announce new update for Rohos Face Logon that allows to set adaptivity level for face recognition. This allows quicker login in any lighting conditions.

Whats new in brief:

  1. Added an option to control adaptivity level for face recognition.
  2. Added possibility to use Face Login over a remote desktop connection.
  3. Added option to control strong two-factor authentication to login into your computer.
  4. Added Emergency Logon feature to bypass two-factor authentication if you cant login by face.
  5. Added more options to customize Face Logon on logon screen.
  6. Option “Face models profile path” allows to change folder location where rohos keep biometric data. This allows to set centralized location or network shared folder for face models across multiple users and computers.

Read more

Rohos Disk folder encryption for Google Drive / OneDrive

/in , /by

We have published  Rohos Disk Encryption v.2.7 with new experimental functionality “Encrypt Folder”.  This feature that allows to encrypt your Cloud Storage folders like OneDrive, Google Drive and others. Now Rohos is able to encrypt arbitrary files on a computer and thus Cloud Synchronization and Backup tools uploads fully encrypted data to the cloud since the sensitive data appeared on the computer.
In order to work with the files you need to enter password and use special drive letter within Explorer or Any other application. Read how it works or download now.

Read more

Towards multi-factor authentication decision framework in Rohos Logon Key v4.0

/in , /by

We are glad to announce new Rohos Logon Key v4 for Windows. Now it has a possibility to combine two-factor authentication methods for a single desktop or user and define rules to support multi-factor authentication (MFA) control.  Since 4.0 Rohos Logon Key will introduce rule-based multi-factor authentication decision support framework that brings MFA intelligence depending on access context. It automatically selects strong authentication method for privileged users or remote desktop access and convenient single-factor authentication when you use Windows computer  in regular way on a desktop.

Read more

Combining multiple 2FA methods in new Rohos Logon Key

/in , /by

We are working towards to add new authentication experience for Windows login and now Rohos Logon Key v.3.8 allows to use any supported 2FA authentication device in combination with One Time Password authentication method (Google Authenticator). This will help to apply strong two-factor authentication with local or remote access. With this features we will start to introduce rule-based multi-factor authentication decision framework into Rohos Logon Key.

Whats new in new Rohos Logon Key v.3.8 in brief:

  • Allows to combine 2FA methods: physical access Key with One Time Password codes;
  • Redesigned “Setup authentication key” dialog box;
  • Redesigned “Options” dialog box;
  • One Time Password entry field on a logon screen;
  • (In progress) Allows to combine any types of 2FA methods for Windows login; This option allow to introduce new 2FA method in parallel with already used one. For example you are using OTP 2FA technology now and you will be able to add new users with U2F authentication keys while keeping existing OTP users untouched.

Read more

Windows login with U2F FIDO security key

/in , , /by

Now you can use popular U2F FIDO security keys for Windows logon. Both multi-factor and single-factor authentication use cases are supported as well. It means you can use your U2F key as a password replacement or you can setup true multi-factor authentication to unlock your dektop: U2F Key + your Windows password.

Read more

macOS High Sierra support in Rohos Logon Key

/in , /by

We have updated Rohos Logon Key for Mac to support macOS 10.13 High Sierra. Also we would like to announce soon support for U2F security keys for Mac login.

What’s new:

  • Added support for macOS 10.13 High Sierra
  • Fixed Rohos Logon Key.app sub folders permissions conflict.

Read more