OpenOTP Windows Login & RDS

OpenOTP Windows Logins

Secure Windows Login & Remote Desktop Service with MFA

Secure your Microsoft Servers, Remote Desktop & App logins.

Microsoft Remote Desktop & Services provide an easy way for users to connect enterprise systems and use shared applications from remote locations.
Enhance your RDS security by adding MFA to your authentication process.

RCDevs helps you

Protect your Microsoft Operating System Access


RCDevs provides a Windows Credential Provider (CP) for Windows integrations. Our OpenOTP CP is your additional layer of protection for Windows login, remote access with Remote Desktop login & RDS.

Our latest version of OpenOTP CP supports both OTP and FIDO2 authentication mechanisms.
Any OpenOTP authentication method like Push Login, Yubikey, Hardware & software token, FIDO2 (except in RDS) is supported.

Our Credential Provider works in full AD environments but also in infrastructures without AD. Accounts can be separated from your AD (like in an OpenLDAP) and still manage centrally

For Desktops & Laptops
Unlike any other MFA vendor, RCDevs supports MFA login, even for Windows users working offline, without access to the Internet or office. The unique capability is based on the RCDevs intelligent Credential Provider plugin installed on Windows endpoints as local authentication agents, providing an added layer of security to both Windows domain authentication and local machine access. When working online, users can authenticate with any preferred 2FA method (i.e. the convenient mobile app-based push authentication). When offline, the agents will automatically initiate offline login where users are presented with a QRCode that will generate an OTP for the session once scanned with the free OpenOTP Token mobile app.
With RCDevs Windows Login one can offer true enterprise grade MFA for Windows access with confidence, without risk of needing to revert back to username/password login as soon as network connectivity goes out or communication with authentication backends fail.

Complete guide on how to enable MFA on Windows Client Login
For Remote Desktop Services
RCDevs Credential Provider (CP) provides a full integration with Windows Server operating systems to add the market’s leading second-factor methods to Remote Desktop Services access. RCDevs CP supports all OpenOTP authentication methods on RDP login, seamlessly within the RDS login session, without redirects or additional buttons to click. RCDevs CP is delivered as an easy-to-install MSI package that can be deployed in a few minutes.

Complete guide on how to enable MFA on Windows Server Login
For AD Users
Completely integrated with Active Directory users, groups and policies.
For Local Users and Computers Out of Domain
Configure RCDevs OpenOTP servers and OpenOTP Credential Provider for Windows to authenticate local users using 2FA and for Windows on a computer out of the domain. Both scenarios require an LDAP server to store user metadata (Token metadata needs to be stored on a user account in WebADM even for local account authentication).

Complete guide on how to enable MFA on Local Users and Computers Out of Domain

Key Features

Supports NT Domain-style login names like ‘Domain\Username’
Supports User Principal Names (UPN), implicit & explicit
Supports offline authentication with OpenOTP Token App & FIDO2 devices
Supports any OpenOTP method (Tokens, YubiKey, FIDO2, SMSOTP, eMailOTP)
Supports LDAP, challenged OTP & FIDO2 and Push login
Enterprise deployment with AD automated software deployment tools
Compatible with

Desktops & servers with Windows CP

All Windows Clients since Windows 7
All Windows Servers since 2008
Microsoft Remote Desktop Services

See how simple it is to integrate OpenOTP for Windows Logins

OpenOTP Credential Provider for Windows

How to integrate OpenOTP with AD

Frequently Asked Questions – Windows & RDS Login

Can I use Google Authenticator for Windows Logins?
RCDevs Security recommends using the official OpenOTP Token App which provides additional security features and Push notifications . That being said, you can use Google Authenticator or any software token (as long as they are OATH Event-based (HOTP) & Time-based (TOTP) to perform a Windows login.
Check how RCDevs' OpenOTP Token app works as a Windows login credential provider.
Can I perform a Windows Login with a Smart Card?
You can authenticate with a smart card for both online and offline modes. Offline mode is possible either via QR Code or Fido key.

First, you need to configure the smart card through your MFA setup. Check the configuration documentation for smart card logins with RCDevs Security Solutions. After configuring, insert your smart card in the card reader. If the card is detected and the stored certificate can be used for logon, a new credential tile for the smart card will be prompted. You can select it and enter your PIN code. You will be logged in.
Documentation of windows login authentication with smart card.
Is a Windows Login using FIDO possible?
Yes, it is possible. You need to register the key and activate the client policy.