Microsoft Rdp 2fa

admin



2fa

You may find it hard to believe but I am just about old enough to remember a time when you switched off your office PC at the end of the day and that was it. If you wanted to finish off that all important presentation you could take a laptop home, but there would be no network access. So, you hurriedly copy and pasted everything on to the desktop on a Friday afternoon. Sound familiar?

Today, thanks to great technology such as Microsoft’s Remote Desktop Services and of course many others, we can all get (and indeed expect) access to our desktop resources whether in a coffee shop, airport lounge, train or a customer site. Logging on in this way is now second nature. It means we are free from the shackles of the office-bound desktop and arguably a lot more productive.

Example of Remote Desktop Manager using Google Authenticator as a 2FA - Which RDM datasources currently support 2FA Devolutions Online Database MariaDB Microsoft Access SQL Azure SQL Server SQLite My SQL - Which 2FA solutions are supported with RDM Google Authenticator YubiKey Duo AuthAnvil - Configuring a 2FA solution in RDM. 2FA protects against phishing, social engineering and password brute-force attacks and secures your logins from attackers exploiting weak or stolen credentials. Duo integrates with Microsoft Windows client and server operating systems to add two-factor authentication to Remote Desktop and local logons. Dec 26, 2019 2FA / Two Factor Authentication Windows RDP/RDS Enabling 2FA authentication is something which we would like to implement for our RDP server. Ideally would like a system which is straight forward to use and manage as we only have a limited number of users with access. Windows Hello with two-factor authenticaiton (2FA) works with Remote Desktop. Users with Windows Hello for Business certificate trust can use their credential to authenticate to remote desktop sessions over RDP. When authenticating to the session, biometric gestures can be used if they are enrolled.

But, for many organisations this freedom comes at a price and that is compromised security. Does the benefit outweigh the risk? I am not so sure, as you are only as strong as your weakest link. Being able to offer remote desktop access from a technical perspective is relatively simple and low cost (again thanks to the likes of Microsoft), but securing it adequately and effectively has traditionally been expensive and prohibitive. I am of course talking about two-factor authentication (2FA).

Microsoft Rdp Client Control

As 2FA isn’t built-in to Microsoft Remote Desktop Services the only option for organisations conscious of securely protecting their desktop PCs and the network upon which they reside, from data breaches and cyber threats has been to invest in a separate solution. But, traditionally 2FA has been the preserve of key-ring token providers, which require a large (the numbers can be quite frightening) up-front investment and demand a lot of administrative resource. There is often a lot of resistance from those who will be using the token and unless you have a huge remote workforce, the numbers simply don’t stack up to make it a viable proposition.

Add in to the mix regulatory compliance policies for some sectors that demand 2FA is used. You have one camp that is forced to make the painful investment, or the other that simply cannot justify or afford it and must enforce a blanket ban on remote access. Of course, there will be a few ill-advised cases that chose to risk it.

For those not needing to adhere to regulation, the majority settle for the default username and password combination that Microsoft Remote Desktop Services offers. However, with advances in technology, most notably the ability to place soft-tokens on to mobile devices, the costs have plummeted and it is easier than ever to manage.

From today, organisations using Microsoft Remote Desktop can strengthen with 2FA by augmenting the username and password screen with the need to enter a unique one time passcode.

Using the new Authlogics Remote Desktop Agent, all the user needs to do is download the PINgrid app on to their phone. From this point when logging in they simply open the app and enter the digits that appear in their PINgrid pattern. It is also great news for the IT team as there is no need for any code changes, making it very quick and easy-to-deploy, whether you are an SME, or a large multi-national enterprise.

The Remote Desktop Agent makes strong 2FA affordable for all. So, those who need to comply with regulation but could not afford to do so, now can. Organisations of all shapes and sizes that want to secure their desktop access with 2FA have the option to do so. And, those that have had their hands tied and are using expensive hard-tokens now have a viable alternative to consider when their next license renewal is due.

2fa for rdp

Microsoft Remote Desktop Gateway 2fa

For more information about Authlogics Remote Desktop Agent contact a member of our team on Tel: +44 (0)1344 568900, or Email: sales@authlogics.com