OpenOTP Windows Login & RDS

OpenOTP Windows Logins

Secure Windows Login & RDS
with Multi Factor Authentication (MFA)

Add Multi-Factor Authentication for Microsoft Servers, Remote Desktop & App logins. Enjoy enhanced security, even for offline logins (using our OpenOTP Token app or FIDO2).

As businesses increasingly rely on Microsoft Remote Desktop & Services to facilitate remote access to enterprise systems and shared applications, ensuring robust security measures is paramount.

By integrating MFA into your authentication process, you fortify your RDS environment against unauthorized access attempts and mitigate the risks associated with compromised credentials.

This additional security layer not only enhances the overall security posture of your organization but also instills confidence in users accessing critical resources remotely. With MFA in place, you can effectively safeguard sensitive data and maintain compliance with industry regulations, providing peace of mind in an increasingly interconnected digital landscape.

RCDevs helps you

Protect your Microsoft Operating System Access

Secure Windows Login & RDS with Multi Factor Authentication

RCDevs provides a Windows Credential Provider (CP) for Windows integrations. Our OpenOTP CP is your additional layer of protection for Windows login, remote access with Remote Desktop login & RDS.

Our latest version of OpenOTP CP supports both OTP and FIDO2 authentication mechanisms.
Any OpenOTP authentication method like Push Login, Yubikey, Hardware & software token, FIDO2 (except in RDS) is supported.

Our Credential Provider works in full AD environments but also in infrastructures without AD. Accounts can be separated from your AD (like in an OpenLDAP) and still be managed centrally.

For Desktops & Laptops
Unlike any other MFA vendor, RCDevs supports MFA login, even for Windows users working offline, without access to the Internet or office. The unique capability is based on the RCDevs intelligent Credential Provider plugin installed on Windows endpoints as local authentication agents, providing an added layer of security to both Windows domain authentication and local machine access. When working online, users can authenticate with any preferred 2FA method (i.e. the convenient mobile app-based push authentication). When offline, the agents will automatically initiate offline login where users are presented with a QRCode that will generate an OTP for the session once scanned with the free OpenOTP Token mobile app.
With RCDevs Windows Login one can offer true enterprise grade MFA for Windows access with confidence, without risk of needing to revert back to username/password login as soon as network connectivity goes out or communication with authentication backends fail.

Complete guide on how to enable MFA on Windows Client Login
For Remote Desktop Services
RCDevs Credential Provider (CP) provides a full integration with Windows Server operating systems to add the market’s leading second-factor methods to Remote Desktop Services access. RCDevs CP supports all OpenOTP authentication methods on RDP login, seamlessly within the RDS login session, without redirects or additional buttons to click. RCDevs CP is delivered as an easy-to-install MSI package that can be deployed in a few minutes.

Complete guide on how to enable MFA on Windows Server Login
For AD Users
Completely integrated with Active Directory users, groups and policies.
For Local Users and Computers Out of Domain
Configure RCDevs OpenOTP servers and OpenOTP Credential Provider for Windows to authenticate local users using 2FA and for Windows on a computer out of the domain. Both scenarios require an LDAP server to store user metadata (Token metadata needs to be stored on a user account in WebADM even for local account authentication).

Complete guide on how to enable MFA on Local Users and Computers Out of Domain

Key Features

Supports NT Domain-style login names like ‘Domain\Username’
Supports User Principal Names (UPN), implicit & explicit
Supports offline authentication with OpenOTP Token App & FIDO2 devices
Supports any OpenOTP method (Tokens, YubiKey, FIDO2, SMSOTP, eMailOTP)
Supports LDAP, challenged OTP & FIDO2 and Push login
Enterprise deployment with AD automated software deployment tools
Compatible with

Desktops & servers with Windows CP

All Windows Clients since Windows 7
All Windows Servers since 2008
Microsoft Remote Desktop Services

See how simple it is to integrate OpenOTP for Windows Logins

OpenOTP Credential Provider for Windows

How to integrate OpenOTP with AD

Frequently Asked Questions – Windows & RDS Login

Can I use Google Authenticator for Windows Logins?
RCDevs Security recommends using the official OpenOTP Token App which provides additional security features and Push notifications . That being said, you can use Google Authenticator or any software token (as long as they are OATH Event-based (HOTP) & Time-based (TOTP) to perform a Windows login.
Check how RCDevs' OpenOTP Token app works as a Windows login credential provider.
Can I perform a Windows Login with a Smart Card?
You can authenticate with a smart card for both online and offline modes. Offline mode is possible either via QR Code or Fido key.

First, you need to configure the smart card through your MFA setup. Check the configuration documentation for smart card logins with RCDevs Security Solutions. After configuring, insert your smart card in the card reader. If the card is detected and the stored certificate can be used for logon, a new credential tile for the smart card will be prompted. You can select it and enter your PIN code. You will be logged in.
Documentation of windows login authentication with smart card.
Is a Windows Login using FIDO possible?
Yes, it is possible. You need to register the key and activate the client policy.

Choose the method that best suits you

Authentication Methods

RCDevs’ IAM-MFA Cybersecurity Solutions Compatible with Strong Authentication Login Technologies

SEEING
IS BELIEVING

Whether you are buying a car or a security solution, you always want to test
drive it before signing on the dotted line. We know this and you know this.
Contact us for your Free PoC or check it out for yourself.

EN