Rohos Logon Key 3.3

We are happy to announce Rohos Logon Key v.3.3 with many improvements and one nice feature.

In Version 3.3:

  • New look and options
  • 2-factor Authentication Setup and Emergency Logon improvements;
  • Improved support for Remote Desktop,
  • IP filter, error-free determination of your IP address. You can write several IP-addresses, (no spaces, comma is delimiter)
  • Improved support for OTP.
  • Support for https SMS gateway.
  • Now you can require 2-factor authentication for RDP connection both for all users and only for rohos group.
  • Added option for secure setup of two-factor authentication to avoid access to a PC being blocked in the event of incorrect settings.
  • Support for new option in the Rohos Logon Key for Android OS:
    • fast unblocking  Rohos Logon Key: unlock by screen-on and double knock;
    • Use of Bluetooth to transmit an authentication packet. All you have to do is pair your phone with your PC.
  • Emergency access – without deleting the security settings.
  • Fixed bug in supporting long serial numbers for USB devices.
  • Windows XP support ends now;
  • Betta: Block access to USB flash drives (and external HDDs) : readonly or complete;

Read more

Protecting your computer and data with ruToken

Authenticating for Windows and accessing a secret disk with a ruToken key.

User authentication and identification on Windows with USB keys.In short: now the popular ruToken identification device can be used in Rohos Logon Key and Rohos Disk as the one key needed to log in to Windows and your protected data. Rohos Logon Key works fully on Windows Vista/7 and also supports authorization for remote desktops using a ruToken. User authentication and identification with USB keys.

The ruToken device has been developed by the Russian company Aktiv, which produces a family of identification devices for user device-based authorization when accessing IT resources and protected electronic data. Read more

Rohos Logon Key v.3.1

Rohos Logon Key v 3.1 allows you to implement a two-factor authentication policy, based on a user list or user groups in Active Directory. This allows you to verify two-factor authentication and apply it step by step. New features:

  • Improved option Allow login only using a USB key
  • Added function Check Key Serial Number. It restricts the keys allowed for login.
  • Configurable messages for users have been added: in the login window, in the Rohos Logon Key main program window, and in the key settings window.
  • Added Users and Keys dialog box for viewing and managing the list of created keys and users.
  • Changed licensing policy: a Server License for Windows terminal service has been added. Now the license covers the computer. The RFID token license has been withdrawn.
  • The Rohos Management Tools program suite is now provided free of charge.

Read more

Addimat USB2 Waiter Lock

We would like to turn your attention to one more device designed for secure user authentication on Windows and compatible with Rohos Logon Key. This is the RFID tag from the Swiss company Addimat.

It was originally designed for identifying wait staff in pizzerias, restaurants, and cafés. It consists of an RFID reader with a round magnetic opening and a set of matching cylindrical keys. Each key has a rugged and waterproof body. Woven into the body of the key is an individual 48-byte serial number and a PIN code, which in some models can be reprogrammed.

addimat1

Read more

Rutoken micro, a tiny identification device

To put it simply: if you are the owner of a laptop computer and are concerned about protecting confidential data, then consider the micro version of a key device for IT security. Here you’ll learn about the Rutoken micro USB token from Russia and what the main advantages of its miniature design are.

rutoken-micro-notebook

Read more

Secure Terminal Server authentication by using Google Authenticator or SMS

remote-desktop-2fa-authentication-google

New Rohos Logon Key v3.2 allows to secure your Terminal Server by adding strong 2-factor authentication policy for remote desktop connection. In order to login users needs to provide regular login and One-Time-Password code. Also we have simplified licensing for Windows Terminal server by introducing “Rohos Logon Key Server license” that allows unlimited use of Rohos Logon on a single Terminal Server.

2-factor authentication variety:

  • By using a smartphone with Google Authenticator application;
  • When One-Time-Password is delivered to any mobile phone by SMS;
  • By using a hardware OTP generator like Yubikey;
  • Each user account can be configured with any type of 2-factor authentication mean;

Read more

Automatically logon in Windows 8

Sometimes is necessary to provide a user the automatically logon in Windows without using of any key and password. Administrator’s account, however, must be protected with a password and hardware key.

Windows 8 allows you to login without writing a password, although it was assigned.

For example, we’ve created a user account User321, and assigned a password for it. For administrative purposes we have got an Admin with his own password on the same machine.

Run please Rohos Logon Key application and create a key for Admin:

Read more

How to setup a key for each user on MAC OS X 10.9. Step-by-step manual.

To use a hardware key instead of a password for each user do the following:

  • Install Rohos Logon Key application on your MAC:

Read more

Using of Aladdin(SafeNet) e-token PRO with Rohos Logon Key.

Electronic USB-keys and smartcards eToken are compact devices, designed to provide the data security for corporate clients and private users. Like an ordinary computer, eToken contains a microprocessor and memory modules, works under his own operating system, executes his applications and stores Your information.

To use an e-token in your system, you should install a driver and configuration tool from its manufacturer. Download it from http://www.aladdin-rd.ru/support/downloads/etoken/ . Now actual is eToken PKI Client 5.1 SP1 for Microsoft Windows XP, Vista, 7, Server 2003, Server 2008 .  Restart the computer to let it working.

Launch eToken Properties application from Start menu. Connect eTocken to USB port. Read more

Rohos Logon Key 3.0 with OATH support

Let us present you a new version of  Rohos Logon Key program – Rohos Logon Key 3.0 with OATH support. Now you can use popular Google Authenticator and Yubikey H-OTP for 2-factor Windows login.

Rohos Logon Key  will prevent your computer from illegal intrusion into the personal data stored in your PC. Log in to your Windows with the help of 2-factor authentication by using various tokens and electronic keys. Believe it or not, the program changes an ordinary USB flash drive into powerful, two factor tool protecting your computer and notebook.

What’s new to discover?

  1. Google Authenticator support one time passwords (OTP) generator from Google.
  2. YubiKey HOTP support for Windows login
    Both of these tokens can be configured for 2-factor login: Something you have (Phone or Yubikey) and something you know (Windows password)
  3. New settings and bugs fixed for wireless key – Wireless PC Lock based on RFID technology.
  4. New settings features have been added for Easyident FS- 2044 wireless reader equipped with elegant tags in the shape of EM 4100 watches.
  5. Auto Logoff Timer
  6. Writes Log for all authentication eventsinto txt file
  7. Yubikey settings update added the list of configured yubikeys with possibility to remove certain key and import/export settings. PIN code feature has been disabled.

A more detailed overview:

Read more

Windows 8, Yubikey and 2-factor authentication renewal

We updated Rohos Logon Key 2.9 with a few new options including Windows 8 support.

Rohos Logon Key allows to access Windows computer or Remote Desktop session by using a USB Key and optional password. With this release we allows all of the customers update for free before we switch to version 3.

What’s new list:

  • Windows 8 support
  • Yubikey Options dialog box now allows to edit and export registered Yubikey List.
  • New 2-factor authentication possibility – Require user to type Windows password along with a USB Key. Forcing string 2-factor authentication for Windows login.
  • Updated “Wireless PC Lock” tags support.
  • New feature – Write all authentication events to log file.

Download Now (Release date 14/11/2012)

Windows 8 Support

Now Rohos Logon Key authentication tile look like this.

USB Key based login into Windows

Read more

Rohos Logon Key v. 2.9 improvements for Windows 7

Dear users and customers, we are happy to announce a few improvements in Rohos Logon Key. New features affects “Allow login only by USB Key” feature specially when using Rohos Logon in corporate network or Windows Remote Desktop services.

What’s new:

1. When you use “Allow to login only by USB Key” feature, you may define a set of users that will be able still to login by a regular password (without USB Key). Please note:
– Current user name is added to this list automatically by default .
– We recommend to set it to Terminal Server administrator user name
– If it is blank: regular password based login will be disabled for any user (ensure that you have defined Emergency Login or have a valid USB Key)
– Rohos Icon in Credentials Prompt dialog box allows any user name credential to be entered manually.


2. On the Windows 7/2008 logon screen you have Rohos logon icon.

Now it contains User name and password fields. This is designed specially for network Admins to be able to access computer in a regular way locally or via Remote Desktop.


3. User Account Control credentials prompt with Rohos icon. Now you can regular use here User Name and password. Please note – this credentials prompt accepts USB Key or any user name and password entered manually.


4. On Windows 7/ 2008 Rohos logon key creates “Rohos Logon Key (User)” shortcut that allows regular users to setup and manage USB Key for Windows authentication.


5. USB key redirection into Remote Desktop

Rohos Logon Key allows to setup redirected USB flash drive as a Login Key for Windows Remote Desktop.

On the screenshot “\\tsclient\G” is a USB flash drive connected to client PC. After setting up this USB drive it will contain also portable Rohos components to login into Remote Desktop from any PC with this Key (without installing Rohos on it)


A few notes about Windows Remote Desktop services support

Today In most configurations “Network Level Authentication” option is used on a Windows Terminal Server (TS). It  means after providing credentials in the MS Remote Desktop Connection user login straight into Remote Desktop (without entering credentials at login screen).

In this case you need to use “Allow to login only by USB Key” option in Rohos Logon Key (installed on TS). So NLA will be used anyway but in addition require USB Key in Terminal Server login screen. This will enforce 2-factor authentication principle : Remote Desktop users will be able to provide credentials at RDC and USB Key will be verified also.

If you are Network Administrator you will be able to login into TS by using regular username/password .

Remote Desktop connection passthrough

On Windows 7 / Windows 2008 R2 rohos credential provider support passthrough authentication for Remote Desktop login (based on NLA – Network Level Authentication). Once credentials are authenticated via NLA it will be used by Rohos.

To enable this feature: Open Rohos Logon Key > Options > More > and enable “Enable authentication filter”.


Windows 7 / 2008 logon screen editor

Now Rohos Logon allows to edit logon screen picture (background) and user icons.

The list of options you can customize on Windows 7 logon screen by Rohos:

  • Hide Rohos Logon Key icon
  • Change the picture of Rohos Logon Key icon
  • Hide any user icon or just a single icon
  • Change background picture of logon screen

Download Rohos Logon Key release with this improvements.

Rohos Logon Key v. 2.9 with RFID reader easyident FS-2044 support

Tesline-Service SRL encourages new technologies. Now Rohos Logon Key allows to use a various of easyident RFID tags for Windows logon. Thanks to awinta.de We have got a sample of easyident FS-2044 RFID reader, produced by FS Fertigungsservice (Germany).

This RFID can read and write a few types of Tags produced by the company, including one handy Hitag bracelet EM4100. RFID tag EM4100 is a read-only RFID tag with a 40 bit unique ID which is read automatically by RFID reader FS-2044.

This space-saving device with dimensions 91 x 91 x 14 mm is very compact. Easy to install, you only need to setup the drivers for Windows from the official web site. We have successfully integrated this device with Rohos Logon Key v.2.8. The easyident FS-2044 is one in a multiple devices that can be use in Rohos Logon Key for secure login your Windows computer.

Read more

Credentials Prompt of RDP 6.0 and login with USB Key

Microsoft Remote Desktop Connection 6.0 (on Windows Vista\Seven) by default makes it mandatory for the user to enter user name and password before RDP client can establish connection to the WinSeven/2008 remote server (“ Enter your credentials for <server>. These credentials will be used when you connect to the remote computer” ). This is called “ Network Level Authentication“. If you are going to use USB key you can skip this prompt or disable it.

on vista you will see

As Rohos Logon Key RDC plugin works with the established terminal session this Credentials Prompt may be ignored or disable it by default.

Actually if Rohos Logon is installed locally it could work in this ‘credential prompt’ window:

How to disable RDC Credentials Prompt:

To skip the credentials prompt – choose “Do not attempt authentication” under Authentication options on the Advanced tab, but this option is not set permanently. To permanently skip the additional credential screen , edit the Default.RDP file (My Documents folder) in notepad. Including enablecredsspsupport:i:0 disables the Credentials Security Service Provider for the connection. If you use separate .RDP files for different server, modify each of those .RDP files. Below is the content section of the default.rdp file with enablecredsspsupport:i:0 option included.

redirectposdevices:i:0
authentication level:i:0
enablecredsspsupport:i:0

prompt for credentials:i:0
negotiate security layer:i:1

Note that this workaround is suggested only if you connect Windows 2000/2003/XP systems because according to Terminal Services Team blog post – “This option does disable the new credential prompting behavior, but it also disables support for Network Level Authentication for Vista (and Longhorn Server) RDP connections; Network Level Authentication requires credentials to be provided by the client before a session is created on the server side.” So if you do connect to Vista over RDP, you’ll not be able to use this option.


Rohos Logon Key v.2.7 for Windows Seven

Windows Seven support for Rohos.

Rohos Logon Key v.2.7. offers two-factor authentication solution for Windows Seven based on various USB tokens and authentication devices. By using a strong and secured password stored on a USB token you can improve your computer security.

What’s new in Rohos Logon Key 2.7:

  • Updated installer:
    – Now Setup package copy correct help file according to installation language
    + Added Japanese and Chinese languages
  • Supports new USB tokens and authentication devices:
    + Touchatag RFID proximity tags (former TikiTag).  Wireless tags for Windows logon.
    + Swekey OTP token (Offline + Online validation, see Options link )
    + Securetoken ST2, ST3 (PKCS11 based tokens). ST3 has an auto-install feature.
    + Senselock trueToken EL (ultra-small PKCS11 based token)
  • Improved Windows Vista/Seven support
    – fixed Rohos Logon Credential icon in Vista UAC dialog. Now USB tokens with PIN code can be used to get credentials for any elevation.
    – fixed Windows Remote Desktop support.
  • Major improvements in  ‘Bluetooth logon’ feature.

Read more…

Rohos Logon Key v.1.7.2 for Mac OS X

Tesline-Service Announces Rohos Logon Key v.1.7.2 for Mac

Chisinau, May 05, 2009 – Tesline-Service SRL today announced that its Rohos Logon Key authentication solution for Mac OS® X Tiger and Mac OS® X Leopard now supports two-factor authentication with any USB flash drive and PIN code.

Mac OS X security benefits:

  • Access your Mac with hardware USB key
  • The Mac is protected but you don’t need to enter your password manually each time you unlock your Mac
  • Automatically lock your MAC screen when USB Key is unplugged
  • Unlocking your MAC with a USB token is fully automatic and fast!
  • PIN code option offers two-factor authentication

Read more

Rohos Logon Key v.2.7 beta: Senselock, Swekey, Touchatag, Securetoken

(updated 30 June)

Rohos Logon Key v.2.7. – two-factor authentication solution for Windows now supports the new types of USB tokens and authentication devices, improved Windows Seven support.

What’s new list:

1. Updated installer:

– Now Setup package copy correct help file according to installation language.
+ Added Japanese and Chinese languages UI

2. New USB tokens:

+ Touchatag RFID reader and proximity tags (former TikiTag).  Wireless tags for Windows logon.
+ Swekey OTP token (Offline + online OTP validation, see ‘Token options’ link in Rohos Logon Options)
+ Securetoken ST2, ST3 ( PKCS11 based tokens). ST3 is a driverless token and has an auto-install feature.
+ Senselock trueToken  (ultra-small PKCS11 based token). Software protection token adopted for authentication purposes.

3. fixed Rohos Logon Credential icon in Vista UAC dialog. Now USB tokens with PIN code can be used to get credentials for any elevation. See screen shots below. Also improved Remote Desktop support.

4. Major Improvements in  ‘Bluetooth logon’ feature.

  • Now Rohos Logon supports WidComm Bluetooth stack, thus supporting more Laptops.
  • Improved compatibility with Nokia PC Suite. Now rohos support remembered and paired bluetooth devices and correctly detect when the BT device is our of the range.

Download beta (2Mb)

Read more

Touchatag – wireless tag for Windows and Mac logon

Touchatag (former TikiTag) – technology that enable to connect the real world objects with a computer and Internet. The project was launched in 2008 by the Alcatel-lucent. The technology is based on RFID tags reader + tags + program on the local computer + Web service.

With the help of such technology interesting ideas could be brought into life, such as:

  • E-pass (access control) – give tags to users, and upon the tags being brought to USB reader the logging into Windows / Mac or Web site is performed automatically. For example, you can “stick” tikitag on your mom’s notebook – come up to the computer and the mail opens. To “stick” it on a child’s toy – run it over the reader – and the game is launched.
  • E-catalog of goods (logistics) – to all things (book / folder / item) could be stuck or sewed in the RFID tag. Run it over the reader and the thing is registered.
  • Location is not important: Touchatag – is a centralized technology (there is a Web server), so all Usage Examples that are set up on one computer work on all computers where there is USB reader tikitag.

TouchaTag RFID tags are supported in Rohos Logon Key v.2.7 and Rohos Logon Key for Mac v.1.7 – in order to provide the solution for Windows / Mac authentication  by using RFID tags.

Read more

Video: Access your Windows computer with YubiKey

The video shows thorough instructions on how to set up and use YubiKey for secure Windows logon. “Also Rohos Logon Key supports YubiKey with static password and dynamic OTP” – says Alex. “As an additional level of protection Rohos Logon doesn’t allow to type in the OTP manually, denying such OTPs.”