![]() When the option is enabled, Rohos Logon uses three rules to detect a bypass or suspicious of 2FA procedure, during any session login, unlock or reconnect, in console or remote desktop: Two-Factor Authentication bypass controll – how it works Rohos Logon Key for Android update with push notifications.Experimental ‘Two-Factor Authentication bypass’ control feature.Currently, Rohos Logon Key is the only 2FA application in the world that offers self-control backward loopback, starting from the login prompt to the RDP session desktop. ![]() ![]() In the future, we plan to add more rules and response actions that allow mitigating authentication vulnerabilities of Windows system, Rohos or human factor. The experimental approach works well for standalone Terminal Servers, AD farms, cloud servers in AWS or Azure, workstations or personal laptops as well. This allows defining response and mitigation in case of unknown vulnerabilities of the authentication procedure. Currently, Rohos Logon Key app uses three simple rules to trigger push notifications and lock the session in case of Two-Factor Authentication bypass. Rohos Logon commits experimental innovation to address these issues. Because of well-known system vulnerabilities that allow RDP session hijacking, never-ending stories with 0-day exploits in RDP protocol or authentication system, unattended remote tools like TeamViewer or 2FA credentials theft during fishing and social engineering – all these lead to unpredictable threat models and risks. New experimental feature allows to get an immediate push notification on the smartphone when Two-Factor Authentication procedure was avoided during login/unlock or reconnecting to console or remote sessions. We are glad to announce Rohos Logon Key 4.8 with automated control over ‘Two-Factor Authentication bypass scenarios’. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |