Rohos Management Tools includes Rohos Key Admin and Rohos Remote Config tools
that allows centralized authentication devices management and 2-factor authentication control.

Rohos Managment Tools can be installed on AD Domain Controllers, AD Administrator’s workstation or any other PC.

USB Key manager utility.

If you have 10 or more users in your organization, you can use USB
Key management utility. It allows creating and editing logon profiles on
authentication media.


  • Allows to configure authentication key for Windows login. You can issue authentication Keys for access into any computer in your organization;
  • Centralized License management. Automatically uses license keys list to create pre-licensed authentication keys to simplify license management. With Pre-licensed USB keys you dont need to enter license key on each client PC where Rohos Logon is installed.
  • Back up/Restore operations Allows to Backup and restore authentication Key content (logon profile); The utility automatically names backup files and uses backup’s folder.
  • PIN code security Set up a PIN code for authentication Key protection;
  • Roaming profiles Create and use roaming logon profiles on a authentication Key.
    This will allow you to login into any computer on the network.
  • Copy/Paste operations Allows to copy/paste logon profiles between authentication Keys.
  • Setup USB flash drive for Remote Desktop Login (RDP) Copy Rohos Remote Login component into USB stick. Use this feature if you don’t want to install Rohos into any computer you login from.
  • Export and import of the list of keys and users.

Setup and using of Rohos Key manager:

The Rohos Management Tools package is a freeware, but to create the
keys it can use the license keys. During the creation of authentication key, the
license information is being written on it, and is coping in options of
Rohos Logon Key application on target computer. So, Rohos Logon Key
application became activated.

NB!: Without of license keys, it cretes a demo-KEY. To add the list of licenses, use Add licenses button, and paste the list of the keys, you have received by e-mail.

Now you can create and manage the USB keys from admnistrator’s user account.

User profile on authentication key:

Please note that you should correctly set up user profile on authentication Key according to you network environment.

Click on Settings button ant the bottom of main window of the application to select the type of authentication key.

For the moment, USB key manager lets to create the following types of authentication keys:

With Add logon Profile button you can create a new user profile on inserted authentication key.

To edit the existing one, select it and press Edit button.

User name. UPN format is supported ( You can write here the name of the user on target computer or domain.

To view the password, click (*) button. If a password contains «***» at
the beginning, it means it is encrypted. Encrypted password can be used
only on a single computer – there, where this key has been created in
Rohos Logon Key application. In Usb key manager you can write a password
in plain form only. This key will be siutable for many computers and
RDC connection.

Domain. This field can
contain the name of the workgroup, terminal server, computer or domain.
Rohos Logon Key application uses this field to verify, is this kay
suitable for authentication.

Important: If you are preparing the USB key for Remote connection, write entication – name of terminal computer.

  • If you leave Domain field blank, this profile is siutable for every type of autorisation.

Use Set PIN command to install the PIN code there where it is possible.

If a user enters wrong PIN code for 3 times the Key gets blocked for
login. Administrator may found blocked USB Keys serials and unblock

Remote Desktop button copies the portable Logon Key
application to USB drive to configure the client computer for Remote
Desktop connection. Use it, when you:

  1. use USB Flash drive as a hardware key;
  2. don’t want to install Rohos Logon Key application on every client computer, you use to connect the terminal server.

Rohos Remote Config Utility

This utility allows the Administrator of Active Directory to change Rohos Logon Key settings over an AD network.

Rohos Remote Config Utility main window

  • Allows to see and edit the list of keys, registered in Active directory;
  • Edit Rohos Logon settings in Active directory;
  • Assign a name of user group, allowed to log in only with authentication  key.

System requirements for Rohos Remote Config utility:

  • Windows Active Directory environment;
  • Rohos Logon Key should be installed on the client workstation;
  • Administrator should be logged in as “Active Directory Administrator”.

How to use it?

  • Launch the application;
  • Create a database to store the Rohos setting (it will be proposed automatically, if the database doesn’t exist).
  • To register a hardware key key in Active directory launch Rohos Key manager;
  • Change or write the name of the user group, allowed to login only with 2-factor authentication;
  • Install the settings of Rohos Logon Key application: Key removal behaviour, Emergency logon, IP-filter, etc.
  • click Save settings.

MSI Package

Network Administrators can use MSI installation package to rollout pre-configured and registered (licensed) Rohos Logon Key software over all AD workstations/clients.

Benefits of Rohos Logon Key for networks:

Rohos Logon Key can be easily integrated into
existing infrastructures. It offers native support for Active Directory,
eDirectory ( with installed Novell Client) and Microsoft Windows
Terminal Server.

Security features:

  • Two-Factor authentication, eliminating identity theft;
  • Control access, giving only authorized personnel access, making data untouchable to all others, even upon theft;
  • Quick and secure logon / lock/ unlock process;
  • Automatic computer lock when USB Key presence is no longer detected;
  • Easy deployment over a network workstations using MSI installation package.

No difficulty:

  • Removes the burden of remembering and entering and re-entering strong passwords;
  • No PKI infrastructure needed.