Last updated on September 1, 2025
MFA for Workgroup Accounts is a way to safeguard your workgroup accounts by adding an extra layer of security next to the password. The additional security layer must be a secure authentication method that you can use to prove your identity by demonstrating what you have (e.g., WebAuthn/U2F Security Key) or who you are (e.g., fingerprint). As a result of adding the extra method to the usual login and password login, even hackers who compromised your password cannot take control of your workgroup account.
No Domain Required, No Active Directory Required
Workgroup accounts belong to the most basic network infrastructures, which makes them easy to administer. Sometimes there is no need to create and manage complex domains or advanced Active Directory settings. Workgroup accounts might be all you need.
Apart from securing Active Directory, Rublon for Windows also supports Workgroup Accounts for all users who log in to their local Windows accounts or via RDP. With Rublon, you do not need domains and Microsoft Active Directory to enable secure Multi-Factor Authentication (MFA) for all your workgroup accounts. Install our Rublon for Windows connector to deploy cutting-edge Multi-Factor Authentication for all your workgroup accounts. Rublon allows you to create Access Policies and let your users enjoy fast Single Sign-On (SSO).
Enable MFA for Workgroup Accounts
Rublon Shields Your Workgroup Accounts
Rublon for Windows fully supports Workgroup Accounts and enables secure Multi-Factor Authentication (MFA) on your local Windows logons and RDP. In addition to that, Rublon for Windows supports users who have email addresses in many different domains.
Use Mobile Push, Passcode, and more!
Rublon for Windows Logon supports the following authentication methods:
A broad selection of authentication methods gives users the ability to choose how they want to authenticate. Since one authentication method is more secure than the other, Rublon empowers administrators to decide which authentication methods will be available to users. After administrator signs in to the Rublon Admin Console, they can create a new custom policy. A custom policy allows an administrator to activate or deactivate any of the authentication methods. It is also possible to enable Mobile Push as the Default Authentication Method. When the Default Authentication Method policy is enabled, users will be automatically challenged for MFA, e.g., they will automatically receive the Mobile Push authentication request on their phones.