The video shows how to set up YubiKey for Remote Desktop access. “In order to use YubiKey for RDP you need to install Rohos Logon Key Server Version“- says Alex. “USB Key Management Utility from Server Version allows you to add and set up Yubikey.” To learn more on how to set up YubiKey in Rohos Logon Key please, read
Rohos Disk Encryption software allows users to haveÂ new secure storage on a computer or USB flash drives. In this post we would like to underline the importance of data back-up especially if you are using Rohos disk on USB flash drives. Due to nature of USB flash drives (portable and special memory design) its memory is subject to external influence and the data integrity is not so strong.
Most people realize the importance of data back-up after the disaster has happened:
- they lost USB stick with secured partition on it
- after a couple of month of using secure partition on the USB flash drive it has numerous of File System errors due to missed Disk Check procedures
- after an occasional (but still possible) USB memory data sector failure a part or entire secure Rohos partition is damaged
Rohos Disk Encryption software creates hidden and protected partition on the USB flash drive. With the help of the program you may password-protect a part of your USB flash drive and open it on any computer by simply entering your password.
Since most USB Flash drives, even the larger ones, are normally formatted with the FAT32 file system – there are limitation on the maximum size of the encrypted partition of 2 or 4 GB (max file size limitation).
In order to create a secured partition that is bigger than 2 Gb you need to change your USb stick into NTFS format.
Before changing the file system on a USB drive care should be taken to backup any critical data on it just in case the process does not work.
- Doesn’t require to install anything on client computers
- Support cross Remote Desktop connections. (RDC via RDC)
- Cross platform: Connect to Windows Remote Desktop from Mac or Linux also
- Works with Windows Active Directory configurations
- Support password update/renewal policies
- Allows to quickly Add or disable certain YubiKey tokens for access
- Works in Windows 2003/2008 Terminal Servers
What’s new for YubiKey security:
- Support for remote OTP verification and local OTP decryption
- Yubikey setup dialog where you can Enter Yubico authentication web site or AES key for OTP decryption
agent.exe "c:\My Documents\rdisk.rdi" /letter:Z: /log
Request a password to connect Rohos disk rdisk.rdi.
/letter:Z: – the drive letter it will be connected (optional)
/log – allows creating a log file (agent.log) when performing the operation. Only when the disk is mounted from a USB drive.
/password – allows specifying a password for Rohos disk
Second option would unmount the disk, which is located on the USB drive.
Disconnect Rohos disk Z:
Rohos will disconnect all ofÂ the Rohos drives.
Rohos Disk shortcuts
Rohos Disk Encryption allows creating a disk shortcuts on the desktop or any other place. When you double click this shortcut you will be prompted to enter a password to connect this Rohos disk.
On the screen shot you can see how to make disk shortcut for any Rohos disk using “Tools” menu:
After you created disk shortcut, you may find it on the desktop and edit properties to specify the drive letter it will be connected with:
Automatic disk off upon user idle time
A user also can automate Rohos Disk security, in other words automatically disconnect it after 30 minutes of user’s inactivity.
Here is a BAT file for this:
schtasks.exe /create /tn Turn_Off_Rohos_Disk_On_Idle /tr “\”c:\program files\rohos\agent.exe\” /unmount:R:” /sc ONIDLE /i 15 /ru “System”
“/tn Turn_Off_Rohos_Disk_On_Idle” task name
“/unmount:R:” – disk letter to disconnect
“/i 15” – inactivity timeout in minutes.
“/ru “System”” – user name that will be used to execute the command.
Rohos Disk Encryption new release from June 05 now allows more efficiently password protect your USB flash drive – with Virtual Keyboard. As the response to multiple users’ request we added Virtual Keyboard that enables the program’s user to safely enter a password without been traced by a key logger while working on a guest’s computer.
In the Rohos password access box there is a new button, clicking on which enables virtual keyboard.
And Autorun folder – all shortcuts in this folder will be automatically started when virtual Rohos drive is connected. Users can Save and Delete shortcuts there manually. If you don’t have this folder just create it.
Not long ago we bought APACER AH620 with 4 Gb capacity and fingerprint scanner. Embedded program allows to use password protected USB flash drive for data protection.
Device special features:
- There are two Partitions on the disk: Secure Partition of the USB flash drive, and Open Partition
- The Open Partition is always accessible (some biometric USB flash drives hide Open Partition with its files and folders while working with Secure One)
- Partitions’ sizes can be changed with the help of built-in utility – “Resizing tool”. This utility is on the disk that goes as a unit
- Secure Partition is accessible only after successful fingerprint authentication of the owner or his/her password. The device presents high USB flash drive security
New device, 1 Gb MEM-Drive Biometric Scanline takeMS flash drive, came in our laboratory. Carry it Easy Plus Bio built-in program allows to use Biometric Authorization for data protection on USB drive. The present USB flash drive is compatible with Rohos Logon Key.
Device special features:
- There are two partitions on the flash drive: Open and Secure
- The Open Partition is not always accessible. The given USB flash drive hides the Open Partition while the Secure one is used.
- Partitions’ size cannot be changed, it’s steady. (for 1Gb it’s 150 of Open and 900 Mb of Secure Partition)
- Secure Partition is accessible only after successful fingerprint authentication of the owner or his/her password
- There are various options offered in Secure Partition:
- Internet Options (keeping Favorites, No Trace Browsing)
- Microsoft Outlook (Portable Outlook & Outlook Express)
- Outlook Express
- File Synchronization (computer to USB drive)
- Security Settings (up to 10 fingerprints, 1 password)
- Lost & Found (chargeable)
- Carry it Easy (the program is developed by Romanian company CoSoSys)
The new version of Rohos Disk (1.18) includes new utility, Rohos Disk Browser. This enables you to open and view the contents of secret partitions on a USB drive on any other computer, even if you do not have administrative rights.
Rohos Disk can password-protect a portion of a USB flash drive, by creating a virtual encrypted partition. The partition is protected by a password, and can be opened on any computer. Now, even if you are in an internet cafe and have no administrative rights, you can still have read access to your secret partition with the help of the Rohos Disk Browser utility. This means that you can open any file and read any data. Naturally when you are at your home or office computer, you will still be able to work with your encrypted partition as usual.
On a strange computer you can always open your protected partition on the USB flash drive (in read-only mode) with the help of the Rohos Disk Browser utility. This makes it possible to open or copy only one particular file or directory, without granting access to every file.
This feature is enabled in a Rohos Mini Drive program – FREE and tiny USB drive encryption tool.
Our technical support department often receives messages from users requesting help. The users are unable to log into the system because the USB key is lost or corrupted, and the user has forgotten the PIN code or entered it incorrectly three times, or the system is set up to “allow logon only via USB key”.
To learn more: What if I cannot logon using the USB key?
Properly setup Emergency Logon will maintain the high degree of security that Rohos Logon Key provides, remember if it is easy for you to access it may be too easy for Bad Guys.
To Define Emergency Logon in Windows from Start > [> = go to] Rohos Logon Key Center > Set up USB Flash Drive > look just above the row of three buttons at the bottom of the window for â€œSetup Emergency Logonâ€ in blue.
We always wanted to tell you that in order to use the program Rohos Logon Key, you have to set up the option “Optimize USB drive for quick removal” (read farther).
And our user Patrick reminded us about that:
â€œI am trying Rohos Logon Key . I have two questions. If you pull USB drives out of the computer, you risk losing data or killing the drive. Couldn\â€™t this cause a problem if using Rohos in this manner? â€¦â€
Patrick meant that before pulling the USB drive out you should use the dialog Safe hardaware removal:
But when you use Rohos Logon Key it’s useless to use this Safe Removal dialog (though you may do it if you use PIN code and lock the system by hotkey Win+L), because the quick computer lock-out by using USB key becomes senseless. In this case in Windows you should set up the option To optimize USB drive for quick removal:
The red lines show the actions that go one after another: My computer – USB disk properties – Hardware page – double click on the name of the USB disk – Policy – Optimize USB drive for quick removal check box.
More than 20 USB flash drives were at our disposal, and only 1 of 3 “has died” suddenly (stopped recognized by Windows on the next day).
Not long ago, one of our users in Forum has suggested an interesting idea how to use Rohos disk. Actually, it concerns all the similar programs virtual-disks, but it seemed, we are the first.
So, hereâ€™s the issue. If users have the Linux samba server, they have access to the networkÂ folders on that Linux server for storing their files there. Thus, very often duringÂ working with the filesÂ that containsÂ specific (native) letters of your mother tongue(Ã¤, Ã¼, Ð‘, Ñ†), the letters get lost.
Hereâ€™s what our user has written (translated from german):
â€¦ the program can solve the problem by creating on the network shared folders big-sized virtual disks. Cause files which contain theÂ characters of your language in file names get lost, because the network folder is on the Linux server with Japanese BIOS.
This is how it looks:
Thus, if you keep Rohos disk on Linux computer in the network folder, andÂ useÂ (mounting)Â it in on your computer or in Windows server,Â these letters in files names will be unaltered (the file system NTFS accomplishes it cause it is UNICODE enabled).
In Internet one can easily find a lot of programs on the subjects like â€œUSB flash drive securityâ€, â€œSet up password on USB flash driveâ€, or â€œEncrypt USB flash driveâ€. Each of them has its pros and cons. Letâ€™s take up the issue in detail.
Programs for USB flash drive encryption are divided into 2 groups:
- The programs that encrypt the separate files on the USB flash drive. The secure files are stored in the special (hidden) folder on USB disk. Certainly, the files names are modified, and the contents are encrypted. You can open the file only in the program, at the same time the file is decoded on the USB disk and then opens in the associated application. At the end it is required to give a command â€œto update protected fileâ€.
Such programs are “Remora USB guard”, “USB Vault” “Folder Lock”. If you wish you might replace these programs by usual password archive RAR, ZIP (with built-in encryption feature). It automatically renews the archive file, if you have opened it in the archive and changed it.
- The programs that create virtual encrypted disk, where all the files are automatically coded/ decoded without direct user command. The disk is fully contained in the USB flash drive.
These programs have a number of advantages:
- A user works with the protected files directly. It is not necessary to indicate what file should be decoded
- The files are being automatically coded/ decoded as required
- Temporary files are also kept as encrypted ones
- It is possible to work with a virtual disk from any program
The main disadvantage is that you should have Administrative privileges to open this virtual disk, because the program loads the disk driver, i.e. if you want to open the disk in Internet cafe, you will not manage it by 99%. However, such kind of program is right for secure carrying over the files from home and work and vice versa.
There are also the programs that are usually included in the stand of some USB flash drives (for example Transcend Jet Flash). They divide the USB flash drive memory into 2 partitions. 2 Removable disks are showing up in the system while connecting. The first disk is open, the second one is entirely
encrypted. If you want to open it for reading/recording, you should enter password in the special program.
Windows secure logon based on face recognition