Rohos Logon Key v3.4 with Active Directory support

Updated: 28 April

Dear users and customers,  we are glad to announce a first release for a major update of Rohos Logon Key for Windows. Now Rohos Logon Key automatically detects Active Directory environment and uses Active Directory storage to keep domain-wide settings and list of authentication keys and devices. We have completely refactored Rohos Remote Config utility and USB Key manager.

What’s new in Rohos management Tools

Added Active Directory Application Partition support. This brings centralized domain-wide settings management and authentication media access list.

The list of changes:

  • Rohos Remote Config now automatically creates and manage Rohos partition (database) in Active Directory.
  • Now you can change any Rohos Logon Key settings across the domain and it will by applied immediately on next authentication attempt on a workstation.
  • Rohos Remote Config displayes the list of allowed authentication devices by serial number and assigned user name and allows to remove or block the key from the list thus preventing any further authentication by using this device.
  • Rohos Key Manager allows to setup authentication key and automatically save it’s serial number and user name into the list of allowed Keys located in rohos database in Active Directory.

Domain-wide settings includes: the type of 2-factor authentication policy (all users, by group membership, by IP address) the type of allowed authentication media, Emergency logon Q/A, Rohos Logon settings , etc.

What’s new in Rohos Logon Key:

Rohos Logon automatically detects Active Directory during install and uses it’s settings from the domain:

  • Each time during user authentication procedure Rohos reads it’s setting from the Active Directory.
  • On each 2 factor authentication authentication attempt Rohos verifies authentication media serial number or device id by using the list of allowed devices from the Active Directory database.

These changes do not affects Rohos functionality when installed on a standalone PC with Windows 7/8/10.

Application Partition (database)

Rohos takes advantage of the data storage technology offered by MS Active Directory by using an Application Partition to store all its user data and domain-wide settings.  Windows Server hosts this database and also uses this method to store entire AD catalog data.

The first installation of Rohos Managements Tools on a Domain Controller in your enterprise will automatically create this partition. Rohos does not add or change any schema properties on the “user” or other built-in objects in Active Directory.  All Rohos data is stored separately in the Rohos Application Partition only.  Importing the Rohos schema elements will have no impact on existing objects and replication settings since these objects are not affected.

Rohos partition’s name is: “DC=Rohos,DC=Com”. You can browse and change the partition content with the ADExplorer utility provided by Microsoft.

Please note, uninstalling Rohos does not remove the Rohos data partition.  You can delete it only manually by using MS provided ntdsutil.exe utility.

Rohos Remote Config utility

When you first start the Rohos Remote Config, the application will automatically connect to the Active Directory instance on the local machine and prompts to create Rohos Application Partition (database) and store default Rohos settings.

Please note you need to have Domain Administration and Domain Schema Admins permissions in order to run Rohos Remote Config for the first time.

System requirements:

  • Windows 2008 R2 / 2012 / 2016 Domain Controller
  • Domain Administrator and Domain Schema Administrator permissions in order to run Rohos Remote Config for the first time.

Troubleshooting

Just in case of any issues please click on Troubleshooting button and send us all log files.

The list of 2-factor authentication media support

Currently there is a full support for the following devices:

We are working to add other devices and One-Time-Password technology support for Active Directory.

How to start with Rohos Management Tools

  1. Download and Install it on a Windows Server domain controller.
  2. Open Rohos Remote Config utility and create Rohos database in Active Directory.
    Note: Ensure that your Administration account has a Domain Schema Administrator permissions.
  3. Set up settings :
    1. Choose the type of authentication media that will be allowed on workstations.
    2. Choose 2FA policy : For everyone, by group membership, for Remote Desktop connections or mix.
    3. Create user group and enter it in “2FA user group name” field if you wish to apply 2FA for this group of users
    4. Enter “2FA filter for Remote Desktop login” if you wish to apply 2FA only by IP filter. Example of filter: “192.168.,192.56.”
    5. Enter “1FA filter for Remote Desktop login” if you wish to disable 2FA by IP filter.
    6. Setup Emergency logon if you need to provide a recovery way for Windows Logon in case of authentication media lost.
  4. Click “Save Settings” to save new settings and apply it for all workstations when Rohos Logon Key is installed.
  5. Click on “Rohos Key Manager” to start creating authentication keys.
  6. Done.

2FA by using OTP on Active Directory workstations

We have added experimental support for Google Authenticator for Domain workstations with centralized 2FA setup.

Choose Google Authenticator as authentication means in Rohos Remote Config utility , setup 2FA user in Rohos Logon Key > Setup Authentication Key. Done!

 

Download betta versions:

Rohos Logon Key>

Rohos Management Tools>

 

Rohos Face Logon 3.3

Meet a new version of Rohos Face logon from 17 January 2017. In this realease:

  • was added a support for Windows Surface 10 tablets;
  • were fixed some compatibility errors;
  • added support for Windows Surface PRO 2 devices;
  • now you can disable the logging of faces(Options -> Logged in -> off);
  • now it is possible to register another user face from current user profile. A new user can then log in without his default password;
  • the price was significally reduced (only 9Euro).

In future we plan to add a remote storing of users’ photos to provide the network access  to homegroup and domain  computers.

For more info >>>

Rohos Logon Key for Mac OS Sierra

macossierra-rohos-logon-key

Today we would like to announce Rohos Logon Key 3.3 for Mac OS X 10.12 Sierra.  By default after updating Mac OS X to Sierra it will disable Rohos Logon Key and you need to reinstall it and restart your Mac. After a month of support ticketing with Apple Inc. devs we has been figured out the update issue.

Read more

Data leaks prevention system StaffCounter DLP is available now

We are glad to present you a new product designed to prevent the leakage of information: StaffCounter DLP. This cloud-based solution allows you to protect your business from insiders and possible leakage of commercial information to competitors.

StaffCounter DLP includes:

  • Monitoring of USB drives with three types of permits: a ban on entry, read-only, full access by the serial number.
  • Control of MTP devices connection via the USB port.
  • A ban on the recording CD / DVD.
  • Control of data recording to network resources.
  • Data ban via Bluetooth.
  • Control of leakage of information through Outlook or Thunderbird: filtering data, sending via browser or email client.
  • Control of downloading and installing of applications.
  • Control of all actions of the employees at the PC.

Install StaffCounter DLP now and get effective protection of data from unauthorized copying and distribution. StaffCounter DLP can be purchased at a reasonable price – just $ 2 per computer per month + a month of free use.

  • Windows 7, 8, 10 2012Server are supported.

Rohos Disk and Rohos Mini 2.3

July 1, 2016 saw the release of new versions of Rohos Disk Encryption and its free counterpart Rohos Mini. These applications received a facelift and improved internal design.

Read more

The new and updated Rohos Face Logon is ready to use

Dear Rohos Face Logon users, we are pleased to introduce an updated version of the program you love.

In the new version you’ll find:

  • Updated interface;
  • Improved Windows 10 support;
  • Ability to chose the priority web camera for Windows tablets;
  • Support for Windows Surface and Windows Surface PRO.

These updates have been brought to the free version as well.

If you still aren’t using Rohos Face Logon to securely log in to your system, we strongly recommend that you give our product a try. The convenient face-recognition system identifying the computer or tablet owner with the webcam allows you to quickly do a biometric check and enable access to Windows.

Try Rohos Face Logon for 15 days
Install Rohos Face Logon Free

Rohos Logon Key 3.3

We are happy to announce Rohos Logon Key v.3.3 with many improvements and one nice feature.

In Version 3.3:

  • New look and options
  • 2-factor Authentication Setup and Emergency Logon improvements;
  • Improved support for Remote Desktop,
  • IP filter, error-free determination of your IP address. You can write several IP-addresses, (no spaces, comma is delimiter)
  • Improved support for OTP.
  • Support for https SMS gateway.

Read more

Backup copies made faster in Rohos Disk Encryption 2.2

Rohos Disk ensures that your data is protected from third parties by locking the disk in your absence. The size of the disk can be increased as needed. You can create several disks on a PC, USB flash drive, or a DVD at the same time.

We’ve introduced a new version of Rohos Disk — Rohos Disk Encryption 2.2. A distinctive new feature that it brings is the remarkable Backup Disk functionality. Now making a backup copy of the contents of an encrypted disk is much faster and easier. Read more

Protecting your computer and data with ruToken

Authenticating for Windows and accessing a secret disk with a ruToken key.

User authentication and identification on Windows with USB keys.In short: now the popular ruToken identification device can be used in Rohos Logon Key and Rohos Disk as the one key needed to log in to Windows and your protected data. Rohos Logon Key works fully on Windows Vista/7 and also supports authorization for remote desktops using a ruToken. User authentication and identification with USB keys.

The ruToken device has been developed by the Russian company Aktiv, which produces a family of identification devices for user device-based authorization when accessing IT resources and protected electronic data. Read more

Rohos Logon Key v.3.1

Rohos Logon Key v 3.1 allows you to implement a two-factor authentication policy, based on a user list or user groups in Active Directory. This allows you to verify two-factor authentication and apply it step by step. New features:

  • Improved option Allow login only using a USB key
  • Added function Check Key Serial Number. It restricts the keys allowed for login.
  • Configurable messages for users have been added: in the login window, in the Rohos Logon Key main program window, and in the key settings window.
  • Added Users and Keys dialog box for viewing and managing the list of created keys and users.
  • Changed licensing policy: a Server License for Windows terminal service has been added. Now the license covers the computer. The RFID token license has been withdrawn.
  • The Rohos Management Tools program suite is now provided free of charge.

Read more

Addimat USB2 Waiter Lock

We would like to turn your attention to one more device designed for secure user authentication on Windows and compatible with Rohos Logon Key. This is the RFID tag from the Swiss company Addimat.

It was originally designed for identifying wait staff in pizzerias, restaurants, and cafés. It consists of an RFID reader with a round magnetic opening and a set of matching cylindrical keys. Each key has a rugged and waterproof body. Woven into the body of the key is an individual 48-byte serial number and a PIN code, which in some models can be reprogrammed.

addimat1

Read more

Rutoken micro, a tiny identification device

To put it simply: if you are the owner of a laptop computer and are concerned about protecting confidential data, then consider the micro version of a key device for IT security. Here you’ll learn about the Rutoken micro USB token from Russia and what the main advantages of its miniature design are.

rutoken-micro-notebook

Read more

Setting up shared access to an encrypted disk

Rohos Disk Encryption allows you to set up shared access to an encrypted disk for different uses:

  1. Shared access for all users on a single computer. For example, on Windows Terminal Services,
    In this case, users do not need to know the password for the disk, and they do not need to launch Rohos Disk. They do not know where the disk’s file container is located, and they cannot delete it. Entering the password for accessing the disk is the responsibility of the Administrator or Rohos disk owner.
  2. Access for select users working with a single Windows computer.
    In this case, each user will know the password for the disk. Each user will enter the password for accessing the disk independently of the others whenever necessary.
  3. Shared access using a shared folder on the network.
    In this case, the Rohos disk drive letter open for shared access on the local network will be a file server. Entering the password for activating the Rohos disk will be done once each day by the Administrator or Rohos disk owner. The Administrator or owner will also assign network access rights to users and will be responsible for making backups and shutting down access to the disk.

Read more

Installing Rohos Logon in Mac OS 10.11 (El Capitan)

Dear users, today we have updated Rohos Logon Key for Mac installation package to support Mac OS X 10.11 El Capitan.  By default after updating Mac OS X to El Capitan it will disable Rohos Logon Key and you need to reinstall it.

Rohos Logon Key allows to easily log on, unlock or authenticate KeyChain to Mac without the need to memorize password. You can protect access to your Mac, system preferences security and other authorization requests with a broad range of security tokens like USB flash drive, Smartphone or Yubikey. Find more>
Read more

Quick Mac screen lock with Rohos Logon v 3.2

Rohos Logon Key v3.2 for Mac OS X 10.10  introduces new way to quickly lock your Mac when you step away.

New release available as free update for registered users
Or you can Try it for 15 days for free now >>>

Windows 10 support

Windows10logo
Read more

The exceptionally small Rutoken Micro authentication device

Simply put, if you own a notebook and are concerned about the security of your information, then you should take a look at the micro version of this IT security key. Here you’ll learn about the Rutoken ECP Micro from Russia and the major advantages of its miniature design.

Read more

Secure Terminal Server authentication by using Google Authenticator or SMS

remote-desktop-2fa-authentication-google

New Rohos Logon Key v3.2 allows to secure your Terminal Server by adding strong 2-factor authentication policy for remote desktop connection. In order to login users needs to provide regular login and One-Time-Password code. Also we have simplified licensing for Windows Terminal server by introducing “Rohos Logon Key Server license” that allows unlimited use of Rohos Logon on a single Terminal Server.

2-factor authentication variety:

  • By using a smartphone with Google Authenticator application;
  • When One-Time-Password is delivered to any mobile phone by SMS;
  • By using a hardware OTP generator like Yubikey;
  • Each user account can be configured with any type of 2-factor authentication mean;

Read more

Rohos software in Turkish language

Rohos Logon Key and Rohos Mini Drive available in Turkish language:

Rohos Logon Key USB belle?inizi aç?l??ta PC nize eri?ebilmek için benzersiz bir anahtar haline getiriyor.Rohos Logon Key herhangi bir USB sürücünüzü PC niz için bir güvenlik arac?na dönü?türüyor ve Windows a eklenerek daha güvenli bir eri?im sa?l?yor. Ayr?ca Rohos Logon Key cihaz?n?z? takt???n?zda otomatik olarak Windows un kilitten ç?kar?r.Rohos Logon Key iki a?amal? bir güvenlik sa?lar, USB belek ve PIN kodu. Windows ise Güvenli Modda korunmaktad?r.Acil durum eri?imi USB bellek kayboldu?unda veya hasar gördü?ünde PC nize ula?abilmeniz için yard?m eder.

Read more

All new Rohos Logon for Mac

We are glad to present Rohos Logon Key v.3 (for Mac OS X) with multiple authentication methods support. Now it is possible to setup USB drive or any smartphone as a key for your Mac and use all of them at any time.

Rohos Logon Key allows to use USB stick, any mobile phone or Yubikey to login and unlock Mac without using password.

Read more