USB Key – Rohos

Windows 8, Yubikey and 2-factor authentication renewal

14th November 2012/in News, Rohos Logon Key /by SafeJKA

We updated Rohos Logon Key 2.9 with a few new options including Windows 8 support.

Rohos Logon Key allows to access Windows computer or Remote Desktop session by using a USB Key and optional password. With this release we allows all of the customers update for free before we switch to version 3.

What’s new list:

Windows 8 support
Yubikey Options dialog box now allows to edit and export registered Yubikey List.
New 2-factor authentication possibility – Require user to type Windows password along with a USB Key. Forcing string 2-factor authentication for Windows login.
Updated “Wireless PC Lock” tags support.
New feature – Write all authentication events to log file.

Download Now (Release date 14/11/2012)

Windows 8 Support

Now Rohos Logon Key authentication tile look like this.

USB Key based login into Windows

Rohos Logon Key for Mac v.2.4

26th December 2010/in MAC OS-X, News /by Igor

Rohos Logon Key for Mac v.2.4 is out!

Rohos Logon Key for Mac

Data security and authentication with Kanguru USB drive

18th May 2010/in Reviews, USB & flash drives /by Igor

These days login-mania requirement is to keep your data secure while maintaining your sanity. This time weâ€™d like to present you authentication solution for Windows logon – Rohos Logon Key with Kanguru Defender, a hard combination to beat, regardless of what others may say.

The Kanguru Defender is a highly secure hardware encryption device that might meet or even exceed your security pretensions. Comparing it to previously reviewed IronKey we should emphasize that it’s easy to use and quite affordable – $49 USD.

Kanguru takes two-step approach to securing sensitive data:

At the device level Kanguru starts with military grade hardware based AES encryption.
Adds the ability to remotely manage your Kanguru Defender from a central location. The Kanguru Defender does not come with KRMC enabled by default. (for more information about KRMC, visit: http://shop.kanguru.com/index.php/flash-management/krmc)

Main features:

Password protected and encrypted data partition for your secure files
Does NOT require Admin privileges on any PC to open secure partition.
Write protect switch (actually this may safe you from viruses on guest PC)
Has only 1 secret drive. There is no Open and Secret partition options.
Password reset allow to turn USB drive configuration into factory defaults and create new password once again.

Review of Hardware Encryption vulnerability of Kingston and SanDisk USB flash drives

22nd February 2010/in Solutions, USB & flash drives /by Igor

The Kingston Technology company, a leader in the production of safe USB drives, and one of the first ones that started producing USB flash drive with hardware encryption (Kingston DataTraveler Secure) announced that some of its models of USB flash drives with hardware protection feature are vulnerable. The announcement was posted on the company’s web site saying that with the help of some tools you can access this USB drive (i.e. hack it without a password). News regarding some models of Kingston being prone to cracking is very surprising because these flash drives have been certified in compliance with FIPS 140-2.

Everything started with the fact that the German company SySS published a document entitled “Companies SySS hacked USB flash drive with hardware encryption Kingston certified FIPS 104-2”. In this document they describe in details the authentication protocol between the drive and the program (the user), which they found on the basis of intercepted USB traffic + vulnerability that was discovered. And also some screenshots of the utility, which is embedded in the process of authentication program for USB drives, and as a result – we may enter any password and access will be granted.
Read more

Credentials Prompt of RDP 6.0 and login with USB Key

28th June 2009/in Rohos Logon Key /by Igor

Microsoft Remote Desktop Connection 6.0 (on Windows Vista\Seven) by default makes it mandatory for the user to enter user name and password before RDP client can establish connection to the WinSeven/2008 remote server (“ Enter your credentials for <server>. These credentials will be used when you connect to the remote computer” ). This is called “ Network Level Authentication“. If you are going to use USB key you can skip this prompt or disable it.

on vista you will see

As Rohos Logon Key RDC plugin works with the established terminal session this Credentials Prompt may be ignored or disable it by default.

Actually if Rohos Logon is installed locally it could work in this ‘credential prompt’ window:

How to disable RDC Credentials Prompt:

To skip the credentials prompt – choose â€œDo not attempt authenticationâ€ under Authentication options on the Advanced tab, but this option is not set permanently. To permanently skip the additional credential screen , edit the Default.RDP file (My Documents folder) in notepad. Including enablecredsspsupport:i:0 disables the Credentials Security Service Provider for the connection. If you use separate .RDP files for different server, modify each of those .RDP files. Below is the content section of the default.rdp file with enablecredsspsupport:i:0 option included.

redirectposdevices:i:0
authentication level:i:0
enablecredsspsupport:i:0
prompt for credentials:i:0
negotiate security layer:i:1

Note that this workaround is suggested only if you connect Windows 2000/2003/XP systems because according to Terminal Services Team blog post â€“ â€œThis option does disable the new credential prompting behavior, but it also disables support for Network Level Authentication for Vista (and Longhorn Server) RDP connections; Network Level Authentication requires credentials to be provided by the client before a session is created on the server side.â€ So if you do connect to Vista over RDP, youâ€™ll not be able to use this option.

Rohos Logon Key v.1.6 (Mac)

20th February 2009/0 Comments/in MAC OS-X, News, Rohos Logon Key /by Igor

We announce Rohos Logon Key v.1.6 (Mac) beta with a few improvements:

Fixed bug when password contains space ” “and comma “,”
Fixed bug with Bluetooth logon when Rohos Logon locks desktop right after USB key setup
Improved OFF function – when there are no USB key inserted all USB Keys will be removed from Rohos Logon
Added global Autostart item for Rohos Logon. Now after installation Rohos Logon icon will be active in all user accounts

Rohos Logon Key 1.5.2 for Mac

28th January 2009/in MAC OS-X, News, Rohos Logon Key /by Igor

Here are new Rohos Logon Key v1.5.2 for Mac OS X.

It includes new features in Preferences pane:

Allow to log in only with USB Key. If this option is ON then regular password based logon dialog box will be disabled and covered with a half-transparent Rohos Icon. To log in you need to have USB Key. No emergency logon is enabled here except safe mode boot.
Password protect application, if it is ON then you need to pass system authentication window (to get Admin rights) to modify settings or access Rohos main window.

Some things were improved:

– installation script and now it installing all Rohos items (logon bundle, autostart item)
– Add USB Key function now would not ask for a password so many times
– Case-sensitive file system support, thanks to users reports.

Also, now it is possible to set up USB Keys on any other Server Mac, but you will need to manually copy Rohos *.k files into /Applications/.rohos folder on client Mac. We are still working under server-based usage of Rohos.

Rohos Logon Key for Mac v.1.4.3

3rd December 2008/in MAC OS-X, News, Rohos Logon Key /by Igor

+ Added a few actions on USB Key removal : Lock, Log Out, Sleep, Shutdown and Nothing – the most helpful for Mac Book Air
* Fixed PIN code support for Intel based Macs
* Improved UI
* Improved Installer
* “Add USb Key” dialog doesn’t show odd Apple hardware anymore (of course iPod will be shown)

For Mac Book Air Users: This version allows to use USB flash drive only for logon/unlock moments after that you can unplug it, so you don’t need to lose a USB port. This is due to ‘Nothing’ option (see screenshot).

download v.1.4.3 beta.

Notes about PIN code:
For those who are not familiar with two-factor authentication: By setting up PIN code you protect USB Key from somebody who can use it for logon into your Mac without your permission. After you plug in USB Key – Rohos Logon will always ask user to enter PIN in order to log in or unlock your Mac. To set up PIN, just click Change PIN button, after you set up your USB Key.

PIN code works only for USB flash drives
To change it – click Change PIN – and enter new PIN and Confirmation – OK
If you forget PIN code – use second USB Key (created before) or Safe Boot to disable Rohos Logon

To Upgrade:

It’s better to Quit current Rohos Logon , install new version over, and then open Rohos Logon and set up USB Key again.

Notes About Uninstalling / OFFing Rohos Logon:

To OFF or Quit Rohos Logon USB key should be connected

Login into Web based Remote Desktop with USB key

10th October 2008/in Biometric security, MAC OS-X, Rohos Logon Key, Solutions /by Igor

Rohos Logon Key for remote desktop Rohos Logon Key is the only software that allows to use USB flash drive as a 2-factor security key to access Windows Remote Desktop. It also supports Web Based remote desktop access with USB Key.
Read more

Posts