2FA bypass control in Rohos Logon Key 4.8

We are glad to announce Rohos Logon Key 4.8 with automated control over ‘2FA bypass scenarios’. New experimental feature allows to get an immediate push notification on the smartphone when 2FA procedure was avoided during login/unlock or reconnect to console or remote sessions. Because of well-known system vulnerabilities that allow RDP session hijacking, never-ending stories with 0-day exploits in RDP protocol or authentication system, unattended remote tools like TeamViewer or 2FA credentials theft during fishing or social engineering – all these lead to unpredictable threat models and risks.
Rohos Logon commits experimental innovation to address these issues. Currently, Rohos Logon Key app uses three simple rules to trigger push notifications in case of 2FA bypass. This allows defining response and mitigation in case of unknown vulnerabilities of the authentication procedures. The experimental approach works well for standalone Terminal Servers, AD farms, cloud servers in AWS or Azure, workstations or personal laptops as well. In the future, we plan to add more rules and response actions that allow mitigating authentication vulnerabilities of Windows system, Rohos or human factor. Rohos Logon Key is the only 2FA application in the world that offers self-control loopback from 2FA login prompt till session desktop. Read more about how it works.

Read more

What are strategies for protecting against two-factor authentication vulnerabilities?

Long time ago, Microsoft admitted that “game is over, if an attacker is landed inside your Active Directory” (“Mitigating Pass-the-Hash and Other Credential Theft”, version 2) by putting the following statement :

“Assuming breach requires a shift in mindset from prevention alone to containment after breach”

Meaning that no security software will help you since that moment. With this statement Microsoft team accepted that 0-Days vulnerabilities and exploits will continue to appear in future. What lessons security architects and experts may learn from Sunburst/Solarwind case? Probably the statement may be expanded to a wider scope:

“Assuming ongoing breach executed in an unidentified past requires a shift in mindset from prevention to continuous containment”.

What if the breach was already happened but we dont know about it now? Cyber-Security vendors now start offering solutions that includes new paradigm :

  • Breach Prediction and Threat Intelligence that monitors threat actors in dark net, vulnerabilities and tactics they are going to use. This will allow to identify potential targets and the weaknesses that will be exploited.
  • Breach Detection and Response with security controls that will continue to perform even in containment phase (i.e. “game is over”). Make Malware/RAT/APT operators to move in a wrong direction, take “wrong” things, while leaving more Indicator of Compromise and evidences in IT infrastructure.

Read more

New Rohos Disk Encryption app for Android to access encrypted Google Drive folders

The new version of Rohos Disk for Android allows accessing folders on Google Drive/Dropbox/OneDrive encrypted by Rohos Disk Encryption on Windows.

Read more

MFA for Remote Desktop access with U2F FIDO security keys in Rohos Logon Key v.4.7

Rohos Logon Key v.4.7 now has multiple improvements, allows using U2F FIDO security keys as a second authentication factor for Remote Desktop access. This makes Rohos absolutely unique solution that allows using U2F keys for Remote Desktop 2FA login as well as console-based login.
We also added an experimental feature to Rohos Logon to work as a password filler for the LastPass browser extension (experimental).

During pandemic remote access became very popular and sometimes mandatory due to restrictions. Rohos Logon Key allows protecting remote access with convenient two-factor authentication. Rohos may easily work over a classic Microsoft RDP as well as other popular solutions like TeamViewer, AnyDesk, VNC, UltraVNC, MagicConnet , Proxy Networks, LogMeIn, pcAnywhere etc. Currently Rohos Logon Key is the only solution that allows to protect Terminal Server remote access with U2F security keys which is being considered as the strongest authentication factor today.

What’s new in Rohos Logon Key v.4.7 :

  • Added a possibility to use U2F FIDO security keys for Windows remote desktop access. RemoteFX device redirection option in MS RDC should be used by Network Admins, to setup U2F keys on TS host side. “Rohos Logon Key compact” setup should be installed on client PC. More details read below.
  • Added support of 16/32 bytes HOTP tokens/keys and other minor improvements for One-Time-Password MFA method.
  • Added support for Omnikey RFID readers.
  • Added support for LastPass automated login with Rohos MFA Key, by inserting a password right to LastPass plugin via web browser extension. Rohos may enter your password right to LastPass login screen in Chrome/Firefox or some website. Current MFA Key is used as password storage. This is an experimental feature for those who prefer to keep LastPass locked after inactivity timeout.
  • Minor Improvements in Rohos Logon Key Push token MFA method. Added possibility to setup Smartphone login without entering user account password.
  • Added a possibility to enter a specific Username in the “Setup Key” dialog box, which allows to setup a key for users which cannot be resolved with the “Select Users” dialog provided by Windows API.
    Improvements with Emergency Logon functionality with an online user account (email address is used).
  • Improvements with Emergency Logon functionality with online user account (email address is used).
  • Added a possibility to display Message Box in RDP login screen, thus populating Remote Access dialog full screen allowing user to enter OTP credentials (by using RDP_notice registry value).
  • Fixed issue with “Setup Key” dialog box when user password is empty
  • Added a possibility to Add MFA keys with a flag “user must enter password during next MFA login”. That allows to setup keys/cards without entering user account password.
  • Rohos Management Tools update.
  • Other bug fixing.
Read more

P2P encryption ownership in secure online storage products (Mega.nz, OneDrive)

Briefly: Secure storage services such as Mega.nz, OneDrive Vault, offers P2P encrypted cloud storage, where the data are being encrypted/ decrypted in your web browser or computer. This provides the highest privacy level since data delivered to the cloud storage in encrypted form. Does it really mean, the information cannot be accessed by the Vendor? Here we show, how the vendor completely owns encryption protocol and data flows, even in your web browser. We also demonstrate why total ownership gives vendors the tools for user targeting that may be used to de-private your data. An example with Rohos Disk cloud folder encryption demonstrates the difference.

Read more

Rohos Logon Key v.4.6 update

We continue to improve Rohos Logon Key towards intelligent Multi-Factor Authentication decision framework. With new Rohos Logon Key 4.6 you can use multiple kind of authentication methods and devices in parallel.  Now you can introduce a new MFA authentication procedure on-the-fly without stopping using the current old one. Starting a pilot with a new authentication device was never such easy as now with Rohos Logon.

Read more

Rohos Logon Key for Mac OS Catalina

We are glad to report that Rohos Logon Key for Mac (v3.7) is compatible with macOS Catalina 10.15.2. We have added dark mode support and ensured authentication functionality for USB drive, YubiKey and Bluetooth devices as a key. Due to a few issues we make this release absolutely free.

Known issues:

  • Typical credentials request dialog working before Rohos key login. Please click OK and then Rohos dialog will appear.
  • YubiKey works in UID only mode.
  • The Screensaver unlock window has an old-school style.

Now you can download and update to new version. We are working to fix all the issues.

Rohos roadmap for 2020-21

SafeJKA SRL is glad to share Rohos software roadmap for 2020(21) year.

Read more

Rohos Management Tools 4.4

We have updated Rohos Management Tools v.4.4 adds improvements and bug fixing for Rohos Logon Key v.4.4 in Active Directory network. New Rohos Management Tools allows better MFA management over Active Directory workstations in isolated environments. With Rohos you can use industry accepted RFID cards such as EM, HID Prox, HiTag, Legic, Mifare as a second/single factor logon method for workstation/HMI terminals.

Read more

Rohos Face Logon 4.3 with adaptive face recognition level

We are glad to announce new update for Rohos Face Logon that allows to set adaptivity level for face recognition. This allows quicker login in any lighting conditions.

Whats new in brief:

  1. Added an option to control adaptivity level for face recognition.
  2. Added possibility to use Face Login over a remote desktop connection.
  3. Added option to control strong two-factor authentication to login into your computer.
  4. Added Emergency Logon feature to bypass two-factor authentication if you cant login by face.
  5. Added more options to customize Face Logon on logon screen.
  6. Option “Face models profile path” allows to change folder location where rohos keep biometric data. This allows to set centralized location or network shared folder for face models across multiple users and computers.

Read more