Rublon For Windows integrates with Microsoft Windows client and server operating systems to add multi-factor authentication (MFA) to any Remote Desktop and local logons.
In order to install Rublon For Windows, you need to download a shared package containing the installer and other necessary files.
Download zip package Rublon For Windows
To launch the installer you need to run the RublonInstall.exe file. By default, the installer requires administrator privileges to run the installation process.
The installer guides the user through the process steps. After completing this process, the system user will be able to use Rublon For Windows as the second login step.
Acceptance of policies
The first screen contains license information that the user should be familiar with. Moving to the next window of the installer is equal to reading and agreeing to the terms of the license.
Additionally, on each window of the installer, there is a contact to support or an opportunity to become familiar with Rublon MFA solution.
The next page contains forms related to the configuration parameters required for Rublon For Windows to work properly.
|API URL (Cloud)||Default domain of the Rublon authentication server.|
|API URL (On Premise)||The custom domain of the Rublon authentication server.|
|System Token||It is a string value gathered from the Rublon Admin Console, for theWindows application type.|
|Secret Key||It is a string value gathered from the Rublon Admin Console, for the Windows application type.|
|Domain name||The domain name assigned to the system users and Rublon Admin Console|
Parameters: systemToken and secretKey can be copied from the Admin Console web page from the windows application.
userDomain is the name of the common domain for all company users.
For proper use of Rublon For Windows, it is necessary to prepare user accounts for the system and ensure the integration of Windows account naming with that used in the Rublon Admin Console.
Users must be in a common domain, their names must not contain spaces. After connecting the Windows user name with the domain given during the Rublon For Window installation process an e-mail address should be created. On the base of this e-mail address, the user will be identified by Rublon.
Additional module options
Additional options that can be set during the installation process. Settings can be changed by performing the installation process again.
|Bypass Rublon for Windows authentication when user is offline.||This option allows users to logon without Rublon authentication if the cloud service is unreachable (offline mode).|
|Only require Rublon authentication when logging in via RDP||If this option is unchecked Rublon authentication is required for local logon and RDP sessions. If enabled, local system logons do not require 2FA approval.|
The installation process shall perform the following processes:
- Creates a configuration file based on the data given in the previous installation steps.
- Installs the application on the system in a defined location. It is not possible to change this path.
- Makes registry changes related to the correct operation of the Credential Provider.
- Changing the default Credential Provider to a custom solution supporting Rublon For Windows
- Starts the installer of the necessary additional packages : Microsoft Visual C++ 2015-2019 Redistributable (x64).
The last window of the installer. It is a confirmation of the correct execution of the installation process. It contains additional information about the possibility of bypassing 2FA ( Rublon), which can be useful if you have problems logging into the system.
After logging out, Rublon For Windows will be ready to work and will provide greater security during the login process.
Example of using Rublon For Windows
The appearance of the login window after installing Rublon For Windows. Example of logging in to a local machine.
In this case, the user has two login options available, the first standard process and the second in the form of Rublon MFA.
This view depends on setting the “Only require Rublon authentication when logging in via RDP” during the installation process.
In this case, this option has been checked. The RDP login screen will contain only one option – Rublon For Windows. However, when logging in locally it is also possible to use the standard procedure.
If this option is not checked during installation, Rublon For Windows will be set by default as the only process of executing a login to the system, regardless of the mode.
The first view contains a selection of the verification method.
The next one, depending on your choice, will run:
Email Magic Links are a simple way to verify the identities of users that requires no software installation or additional hardware. Users click on the magic link sent by Rublon to a user’s email address and get signed in on the device that started the login process.
Mobile Passcodes. The Rublon Authenticator app generate a new Mobile Passcode every 30 seconds, even when offline. Users may verify their identities through multi-factor authentication by entering these passcodes into the authentication prompt.
Rublon Mobile Passcodes are based on the TOTP Time-Based One-Time Password Algorithm (RFC 6238), which was designed by Symantec, VeriSign and others.
QR codes. Rublon generates QR codes that appear on the authentication prompt. Users verify their identities by scanning these QR codes using a phone with the Rublon Authenticator app.
Mobile Push is a fast and secure way for users to verify their identities, using push notifications sent to their phones. The Rublon Authenticator app enables users to approve or deny login attempts with a single tap.
U2F Security Keys. Rublon supports the FIDO U2F industry standard, enabling users to sign in to applications with strong two-factor authentication by tapping a physical USB security key.
After verification by Rublon MFA, the user will be granted access, accessed with bypass status or not allowed into the system.
Disabling Rublon For Windows
In order to disable Rublon MFA in Windows, delete the entry in the system registries :
If it is not possible to log into the system, the registry can be deleted by logging into the system in emergency mode.
In order to restore Rublon For Windows, you must again add the previously deleted registry entry.