MFA Windows Logon
Secure Windows sessions online and off-line with a flexible MFA
TrustBuilder.io MFA for Windows Logon allows a user to open a Windows session using TrustBuilder.io MFA mobile app. When the user logs in to his Windows system, he is prompted for secondary approval, thus enhancing security.
Why use TrustBuilder.io MFA for Windows Logon?
The workstation is one of the most sensitive items in terms of security of IT Systems. It gives direct access to all locally stored and unprotected cloud assets. It can also be an enrolled device that grants access to protected data and services, in combination with a PIN code. That is why the process to log into the workstation – Windows Logon – raises high security concerns.
Insecure passwords
Even strong passwords are weak and certainly not up to the task of protecting your most precious assets
Vulnerable shared workstations
A multi-user workstation is easily accessible to everyone and therefore requires a high level of security
Unsecured remote access
The lack of remote access security is an easy way for hackers to take control of the system and access data in a completely transparent way
Picture Windows Logon as the front door to your data. Protecting this front entrance with a MFA solution is crucial, but it will not prevent malicious people from getting through the window. That’s why inWebo recommends to encrypt all data stored locally as an extra security.
Your Windows password is the first step in this double authentication (MFA) and is therefore crucial to ensure the security of your account, regardless of the PC you are logging into or the applications, settings and services you are using while logged in.
Cover all access scenarios with TrustBuilder.io MFA for Windows Logon
To secure your data with a MFA solution, it is essential to manage all access scenarios. TrustBuilder.io allows you to add multi-factor authentication to your Windows session under different configurations.
Secure Windows Workstation local account
Secure Remote Desktop connection to Windows
Secure Windows Workstation domain account
Securing shared Workstation under Windows
What use cases are covered to protect your Windows account?
Standard authentication
- Online / internet access
- With a phone
After entering its Windows credentials, the user will be able to securely authenticate to its Windows account via a push notification on its mobile Authenticator application.
Offline authentication
- Online / internet access
- With a phone
In offline mode, the user has two options to access its Windows session: generate a scratch code with Authenticator mobile app or request a code from the administrator/help desk directly from the Windows login portal.
Authentication without smartphone
- Online / internet access
- With a phone
The user will be able to request a code from his administrator/helpdesk directly from the Windows login portal simply by selecting “I forgot my device / I’m offline”. He will then be provided with a scratch code to open his Windows session.
Users can generate scratch codes completely independently from their Authenticator app (on an enrolled device) by going to the “My Desktops” section and clicking on “Reveal Code” on that desktop.
TrustBuilder.io makes it easy to protect Windows Logon
- Automatic activation of the feature on the user’s workstations
- Easy to manage from the admin console
- Transparent rollout for the end-user
- Lock a workstation in a few clicks
How to setup MFA on Windows Logon with TrustBuilder.io
Easily, rapidly and massively deploy TrustBuilder.io MFA in just 5 steps to secure all Windows Sessions.
- Step 1 - Activate the future
- Step 2 - Set up the Windows logon connector
- Step 3 - Install TrustBuilder.io Windows Logon
- Step 4 - Test your setup
- Step 5 - Perform mass deployment
