Rublon For Windows integrates with Microsoft Windows client and server operating systems to add multi-factor authentication (MFA) to any Remote Desktop and local logons.
Does Rublon for Windows Logon support offline multi-factor authentication?
No, at this time the Rublon for Windows Logon module does not support offline multi-factor authentication. When a Windows system is unable to reach Rublon’s service, then the authentication request may be bypassed or denied (you can change this setting in the module’s configuration).
What Windows login interfaces can Rublon protect?
Rublon for Windows Logon provides multi-factor authentication for RDP (Remote Desktop Protocol) and local console logons.
Where are the Rublon for Windows Logon settings stored in the Windows Registry?
All installation settings of the Rublon for Windows Logon module are stored in
Can Rublon protect local console logins to Windows?
Yes, Rublon for Windows Logon can enable multi-factor authentication for local console logins on Windows. Please keep in mind that it might be difficult to prevent an attacker to successfully compromise a system if they have physical access to it.
If you decide to protect local console logins to your Windows machines, please be aware of the following threats:
- An attacker may bypass Rublon by rebooting the Windows system into Safe Mode. In order to decrease the probability of such an attack, you should enable only a select group of users to log in while Windows is running in Safe Mode. To do this, you may set the registry’s DWORD value
- By default, Rublon will be bypassed if a Windows system is not able to reach Rublon’s service. An attacker with physical access to the Windows device may disrupt its network connectivity by unplugging its ethernet cable and thus bypass Rublon authentication.
You may deny all login attempts if Rublon’s service is not reachable. To do so, uncheck the “Bypass Rublon for Windows authentication when user is offline” box during installation or set the value of
offlineBypassto 0 in the
In order to enable Rublon for local console logins, uncheck the “Only require Rublon authentication when logging in via RDP” box during installation.
You may disable Rublon for local console logins after installation by setting the value of
rdpOnly to 0 in the