Now you can use popular U2F FIDO security keys for Windows logon. Both multi-factor and single-factor authentication use cases are supported as well. It means you can use your U2F key as a password replacement or you can setup true multi-factor authentication to unlock your dektop: U2F Key + your Windows password.
Rohos Logon Key v3.5 announce now support of RFIDeas pcProx reader and KCY-125 RFID reader. This allows to implement multi-factor authentication by using a variety of RFID cards, tags, bracelets and employee ID badges of Emarine, Indala, HIDProx and other standards in Active Directory and standalone Windows workstations as well. Rohos Logon Key replaces weak password based login with a physical key and PIN code or physical key and Windows password. This improves organization security controls and brings regulatory compliance such as HIPAA, HITECH, PCI DSS, FFIEC and others.
We would like to turn your attention to one more device designed for secure user authentication on Windows and compatible with Rohos Logon Key. This is the RFID tag from the Swiss company Addimat.
It was originally designed for identifying wait staff in pizzerias, restaurants, and cafés. It consists of an RFID reader with a round magnetic opening and a set of matching cylindrical keys. Each key has a rugged and waterproof body. Woven into the body of the key is an individual 48-byte serial number and a PIN code, which in some models can be reprogrammed.
Authenticating for Windows and accessing a secret disk with a ruToken key.
In short: now the popular ruToken identification device can be used in Rohos Logon Key and Rohos Disk as the one key needed to log in to Windows and your protected data. Rohos Logon Key works fully on Windows Vista/7 and also supports authorization for remote desktops using a ruToken. User authentication and identification with USB keys.
Updated: June 2020.
Rohos Logon Key with new “Push 2FA” login method, allows to unlock your computer without entering password, just by using your iPhone or Android smartphone.
The access to your computer or user account is usually password-protected. But sometimes it is not enough, especially, when your data requires high level of confidentiality. You don’t want to provide attackers with the chance to get hold of your most secret stuff and your data, don’t you? We has included Google Authenticator and Yubikey HOTP support into Rohos Logon Key. Now Windows login is performed in High-Safety mode by using Time based One Time Password and HOTP codes.
iKey 1000/1032 security token is designed for fast and easy integration with various authorization systems. The compact low-cost token supports PKCS#11 and has a built-in encryption process. It is used for user identification and two-factor authentication.
Rohos Logon Key generates two-factor user authentication in Windows or on the Terminal Server by means of electronic keys. It securely stores the user account data: login and password on the token, smartcard and other hardware encryption devices.
Before you start using iKey 1032\2032 in Rohos Logon Key, you first need to configure the iKey with the help of iKey Token Utility .
Updated 10 Oct 2017.
Rohos encourages new technologies. Now Rohos Logon Key allows to use a
various of RFID tags for Windows logon: Indala, Emarine, Legic and
Hitag . Thanks to Awinta.de We have got a sample of easyident FS-2044
RFID reader, produced by Easyident.de
FS Fertigungsservice (Germany). Also we have added support for
the following RFID readers: KCY 125 Khz , Addimat and pcProx Plus by
This RFID can read and write a few types of Tags produced by the
company, including one handy Hitag bracelet EM4100. RFID tag EM4100 is a
read-only RFID tag with a 40 bit unique ID which is read automatically
by RFID reader FS-2044.
This space-saving device with dimensions 91 x 91 x 14 mm is very
compact. Easy to install, you only need to setup the drivers for Windows
from the official web site. We have successfully integrated this device with Rohos Logon Key v.2.8. The easyident FS-2044 is one in a multiple devices that can be use in Rohos Logon Key for secure login your Windows computer.
Below are photos of that easyident FS-2044 RFID transponder.
How to use easyident, pcProx, KCY RFID readers for Windows Login:
1. Download and install Rohos Logon key.
2. Open Rohos Logon Key > Options > choose RFID FS-2044 as a key to Windows login.
Click on Options below USB Key type selection and Choose COM port where Easyident FS-2044 is connected.
Rohos Logon Key immediately check COM port for reader presence. Note,
now you can set up RFID tags, add and edit them. Save your time with
Import…/Export… options, the file with all configured tags can be saved
and exported on any other computer. Click OK to save this setting.
Enable option Login by USB Key only
Enable “Require user to type Windows password along with a USB Key“. Two-factor authentication protects your computer now.
3. Open Rohos Logon Key > Setup USB Key
- Place your EM4100 RFID Tag on the reader like on the photo.
- Rohos Logon Key will detect it serial number.
- Enter your Windows password and click “Setup USB Key”.
Now you may use this RFID tag for Windows logon including Windows Vista/Seven x32/x64 systems.
- Note,A now you can lock the computer – bring the tag close to
the reader, in order to unlock it a€“ again bring the tag to the reader.
To put in force this option you need to enable option “Perform this action when you withdraw your USB key from computer”.
- Unlimited number of tags configured. If you are interested to try it please contact us.
- When the application (including Rohos) opens a COM port then other
apps can’t open this COM port again. Rohos opens a COM port only for
login, or Tag setup operations.
- If you have other apps that should work with a reader they could
conflict with Rohos. If so, do not use “USB Key removal” settings.
- If you have an applications that keep this reader opened (and COM
port) it is possible that COM port will be locked thus for example the
following use case will not be possible:
– user turn on a PC and login with a TAG,
– a 3rd party Application runs on the desktop and working with Easident reader all of the time (COM port is locked).
– user lock the desktop and try to unlock it with a TAG by using Rohos Logon Key
– Rohos will not be able to connect COM port – and this user will not login by a TAG.
- Rohos reads RFID tags by KCY and PcProx RFID readers by using USB connection mode, so you may disable keyboard mode.
- PIN code functionality and Active Directory authentication are supported as well.
Please contact us if you wish Rohos Logon to support other RFID Tags of Easyident.
- Advise to setting up the admin account for OTP 2FA in conjunction with Rohos and remote access 18th January 2022
- Windows 11 support 16th October 2021
- Rohos Disk Encryption v.3.2 4th October 2021
- 2FA bypass control in Rohos Logon Key 4.8 30th June 2021
- What are strategies for protecting against two-factor authentication vulnerabilities? 5th January 2021