Access your Remote Desktop in a secure way by USB stick

Rohos Logon Key works with Remote Desktop connection program and allows to log in into your Remote Desktop by using hardware USB token. (two-factor authentication solution).

Rohos Logon Key allows to access Windows and Mac computer in a secure way by using the popular USB tokens and authentication devices (OTP, PKCS11)  replacing weak password based login.

How it works

Rohos Logon Key integrates into Windows Terminal Services login screen (Windows XP/ 2003/ Vista/ 2008/ Seven). It works by adding two-factor authentication level to existing access control infrastructure. After deployment users can log into remote session by using USB key. It is convenient and secure password replacement solution:

  • It does not require users to learn additional software
  • Users just use USB Key (pre-configured by Administrator) for login
  • If you use USB flash drive or Yubikey OTP token as a logon key then you may not install Rohos on a every machine you log in from
  • It provides higher security level through using long password that is stored on USB token.
  • Two-factor authentication is provided by using a PIN code (with limited number of wrong attempts).

USB Token Admin

Read next to find out how to configure it.

How to try RDP login by USB Key:

In order to try Remote Desktop login by USB key you can download 15-day trial version Rohos Logon Key. Download.

You should have Windows XP Pro/ Windows 2003/ Windows Vista/Seven or Windows 2008 Server as your Terminal Server computer to try it.

Steps by step:

  1. Install Rohos Logon Key on the Terminal Server computer (needs restart). Open the program and set up USB key. 100% safe
    Installing Rohos on a Server computer is 100% safe. Rohos does not replace MsGINA.dll (or NWGina.dll, etc.) authentication component like other ‘logon’ softwares do. This ensures that your Windows Server will be stable.
  2. Open Rohos Logon Key > Configure Options and ensure that Windows Logon model is:
    -”Typical Windows login (msgina.dll) if you have Windows XP/ 2003
    -”Rohos Credential Provider” if you have Windows Vista/2008
  3. Open the program and set up USB key. Or use Rohos USB Key Manager tool.
  4. Install Rohos Logon Key also on any client computer where you are RDC from (doesn’t need to restart.
    This Step is optional if you use USB flash drive as a USB token or any of supported OTP tokens, see comments below.

First login into Remote Desktop by USB token:

Now you can open Remote Desktop connection from a client computer. Ensure that it has a green Rohos USB Key icon. Plug in USB stick into local PC and then User password information will be transferred to remote session.

Windows 2003 Terminal Server login

USB Token Admin

Windows 2008 Terminal Server login

Web based Remote Desktop is also supported. To learn more please, read

If you do not want to install Rohos Logon Key into any computer you log in from

  1. First solution - Install Rohos Logon Key server application to Administrator’s PC and run USB Key Manager tool.
    You should copy Rohos Remote Login component into a USB stick. Use “Remote Desktop” button to set up USB Key with remote desktop component in to USB stick.

Note: that you should correctly set up user profile on USB Key according to your network environment. You can do it with User profile Editor dialog. Please see more here

Note: that the name of Windows Terminal Server computer or Windows XP computer should be in the “Domain” field if you plan to use USB Key for Remote Desktop Login into Windows Terminal Server or Windows XP computer.

The program automatically stores Registration Key on the USB Key (from the key list file), so when the user logs in from his/her computer for the first time, the program on the client’s computer becomes a registered one.

 

The user should start “Welcome (RDP setup)” application on any Windows 2000/XP computer from where user has an access to remote desktop. Then Remote Desktop application should be restarted in order to apply Rohos login plug-in.

2. Second solution - use Yubikey or Umikey OTP tokens.

Benefits of Rohos Logon Key for networks:

Rohos Logon Key can be easily integrated into existing infrastructures. It offers native support for Active Directory, eDirectory (with installed Novell Client), Microsoft Windows 2000/2003/ XP / Vista / 2008 server.

Security features:

  • Your Computer security benefits:

    1. Replaces weak password based login with a hardware USB key (USB flash drive or memory card)
    2. Use big password, without the need to remember it
    3. Login with a USB Key is fully automatic and fast!
    4. The system is password protected but you don’t need to enter it manually each time you login or unlock Windows
    5. Secure 2-factor login: Your USB Key + PIN code password
    6. Uses a single USB Key to sing-in into your Home, laptop and office computer
    7. Windows is protected even in Safe Mode

No difficulty:

  • Removes the burden of remembering and entering and re-entering strong passwords;
  • No PKI infrastructure needed.

Rohos Logon Key can be easily deployed to provide secure environment and helps your organization to meet regulatory compliance (HIPAA).

New! For Web Based Remote Desktop - If you have enabled a virtual channels application in your Terminal Services deployment, you can make Rohos Logon available on client computers that access the terminal server by means of the Remote Desktop ActiveX control. To learn more please, read

Rohos Logon Key Server Version

It is specially designed to be installed into Administrator’s computer.I t allows carrying out the following administration tasks:

  • To configure USB keys for the access to any computer in the network in the USB Key Management utility.
  • To configure USB keys for the login into the remote desktop.
  • To change Rohos Logon settings remotely on the network workstation.
  • Remotely connect to USB key. Learn more

Supported USB tokens

Rohos Logon Key supports the following USB tokens for Windows Remote Desktop login:

  • regular USB flash drive (100 Kb free space required).
  • Yubikey, Umikey OTP token.
    There 2 USB tokens - does not require to install Rohos on client PC.
  • PKCS11 enabled token. We tested Aladdin eToken, Securetoken ST3/4,  sense trueToken, RuToken, uaToken.


Library:

Rohos Logon Key for YubiKey integration guide - Step-by-step guide on how to set up Windows remote desktop logon with YubiKey.

Rohos Logon Key Administration and Installation guide

USB Key Administration Utility - manage hundreds access keys