Rohos Logon Key v.4.9
We are glad to announce Rohos Logon Key 4.9 with a new feature with an audit trail for 2FA configuration changes.
Read moreWe are glad to announce Rohos Logon Key 4.9 with a new feature with an audit trail for 2FA configuration changes.
Read moreWe would like to share some advice regarding two-factor authentication and its use with an admin account when logging into Windows RDP. If it is not enabled currently we would strongly advise setting up the admin account for additional OTP authentication in conjunction with Remote Desktop access and Rohos Logon Key. Let’s review the pros and possible side effects.
Of course, it is highly recommended to use 2FA for the admin account, and it is definitely recommended rather than keeping it 1FA only. Just to remind you that default RDP login based on NLA credentials (user login and password in plain form store in .rdp connection file) from the client-side is quite vulnerable now since these credentials may be stolen and used by malware operators in an automated way – so the attack speed will be just 5-10 minutes. So today, the absence of additional authentication factors (2FA/MFA) is considered negligent. Even more, due to recent development in exploits and malware for Windows operating system, desktop sessions created by regular user accounts also may be elevated to Admin Privileges in Domain or Active Directory (AD) with a high success rate depending on your defense type (Anti-virus type, EDR solutions, etc). So a variety of exploits for horizontal/lateral movement in AD are huge also. But of course, Admin’s accounts are always a special target for cyber-criminals and traded as a high-price asset on the darknet.
To summarise, definitely you need to start your cyber-security efforts in 2FA from some point, and admin accounts are the right starting point, highlighting you have a cyber-security strategy. Especially with Rohos, since it is very easy to start with and has a fixed one-time price.
We have updated Rohos Logon Key setup package for compatibility with Mac OX X 12, Monterey.
Read moreThis is a short announcement to confirm that all the latest versions of Rohos software products are fully compatible with the latest Windows 11 operating system. We continue to develop Rohos product line by adding new features according to our plans. We appreciate all of our users and customers for the valuable feedback while choosing Rohos cyber security solutions.
Rohos Software compatible with Windows 11:
We are glad to announce Rohos Logon Key 4.8 with automated control over ‘Two-Factor Authentication bypass scenarios’. New experimental feature allows to get an immediate push notification on the smartphone when Two-Factor Authentication procedure was avoided during login/unlock or reconnecting to console or remote sessions. Because of well-known system vulnerabilities that allow RDP session hijacking, never-ending stories with 0-day exploits in RDP protocol or authentication system, unattended remote tools like TeamViewer or 2FA credentials theft during fishing and social engineering – all these lead to unpredictable threat models and risks.
Rohos Logon commits experimental innovation to address these issues. Currently, Rohos Logon Key app uses three simple rules to trigger push notifications and lock the session in case of Two-Factor Authentication bypass. This allows defining response and mitigation in case of unknown vulnerabilities of the authentication procedure. The experimental approach works well for standalone Terminal Servers, AD farms, cloud servers in AWS or Azure, workstations or personal laptops as well. In the future, we plan to add more rules and response actions that allow mitigating authentication vulnerabilities of Windows system, Rohos or human factor. Currently, Rohos Logon Key is the only 2FA application in the world that offers self-control backward loopback, starting from the login prompt to the RDP session desktop. Read more about how it works.
Long time ago, Microsoft admitted that “game is over, if an attacker is landed inside your Active Directory” (“Mitigating Pass-the-Hash and Other Credential Theft”, version 2) by putting the following statement :
“Assuming breach requires a shift in mindset from prevention alone to containment after breach”
Meaning that no security software will help you since that moment. With this statement Microsoft team accepted that 0-Days vulnerabilities and exploits will continue to appear in future. What lessons security architects and experts may learn from Sunburst/Solarwind case? Probably the statement may be expanded to a wider scope:
“Assuming ongoing breach executed in an unidentified past requires a shift in mindset from prevention to continuous containment”.
What if the breach was already happened but we dont know about it now? Cyber-Security vendors now start offering solutions that includes new paradigm :
The new version of Rohos Disk for Android allows accessing folders on Google Drive/Dropbox/OneDrive encrypted by Rohos Disk Encryption on Windows. The Rohos Disk is free by default with some limitations (10 files per folder).
Read moreRohos Logon Key v.4.7 now has multiple improvements, allows using U2F FIDO security keys as a second authentication factor for Remote Desktop access. This makes Rohos absolutely unique solution that allows using U2F keys for Remote Desktop 2FA login as well as console-based login.
We also added an experimental feature to Rohos Logon to work as a password filler for the LastPass browser extension (experimental).
During pandemic remote access became very popular and sometimes mandatory due to restrictions. Rohos Logon Key allows protecting remote access with convenient two-factor authentication. Rohos may easily work over a classic Microsoft RDP as well as other popular solutions like TeamViewer, AnyDesk, VNC, UltraVNC, MagicConnet , Proxy Networks, LogMeIn, pcAnywhere etc. Currently Rohos Logon Key is the only solution that allows to protect Terminal Server remote access with U2F security keys which is being considered as the strongest authentication factor today.
What’s new in Rohos Logon Key v.4.7 :
Briefly: Secure storage services such as Mega.nz, OneDrive Vault, offers P2P encrypted cloud storage, where the data are being encrypted/ decrypted in your web browser or computer. This provides the highest privacy level since data delivered to the cloud storage in encrypted form. Does it really mean, the information cannot be accessed by the Vendor? Here we show, how the vendor completely owns encryption protocol and data flows, even in your web browser. We also demonstrate why total ownership gives vendors the tools for user targeting that may be used to de-private your data. An example with Rohos Disk cloud folder encryption demonstrates the difference.
Read moreWe continue to improve Rohos Logon Key towards intelligent Multi-Factor Authentication decision framework. With new Rohos Logon Key 4.6 you can use multiple kind of authentication methods and devices in parallel. Now you can introduce a new MFA authentication procedure on-the-fly without stopping using the current old one. Starting a pilot with a new authentication device was never such easy as now with Rohos Logon.
Disk and Folder encryption for Windows, Google Drive, One Drive
Hide your data by using Steganography
Chrome,Skype Firefox full profile encryption
Secure Windows Login by using an USB stick
Login Windows Remote Desktop in a secure way by USB key
Secure 2-factor authentication for Terminal Server by OTP and SMS.