Last updated on September 1, 2025
Remembered Devices is a policy in the Rublon Admin Console that allows users to bypass Two-Factor Authentication (2FA) during their subsequent logins on a selected device. A user who trusts a device can make Rublon remember that device by ticking a checkbox on the Rublon Prompt.
Rublon remembers devices for several hours or days. Administrators can set the time in the Rublon Admin Console. If you are an administrator in an organization, you can create a custom policy and enable Remembered Devices.
Why You Need Remembered Devices
Sometimes you log in to your application many times a day. Undergoing MFA every time you want to log in increases security but may be a hassle. If you trust your current device and would like to go through MFA only once a day (or once every 2 days, or every 2 hours, for example) and then bypass MFA during each consecutive login, then the Remembered Devices feature is just for you.
Rublon can recognize devices that users used to access applications. Users may ask Rublon to remember those devices.
Right after a user verifies their identity using Rublon’s Multi-Factor Authentication, they are presented with the possibility to make their device a Remembered Device. Remembered Devices let users access applications without having to verify their identity using Multi-Factor Authentication, which ensures a great user experience.
How Remembered Devices Work
The Remembered Devices feature allows users to bypass MFA during all subsequent logins from the current device. Administrators can set how long devices are remembered.
GOAL:
I want to set Rublon to remember the device for a given number of hours or days. After that time has passed, I want my device to require a push notification again.
SOLUTION:
1. Create a new Remembered Devices policy in the Rublon Admin Console.
2. Assign the policy to one or more applications.
OUTCOME:
1. Rublon asks if the user wants to remember this device.
2. The user checks Remember this device.
3. The user finalizes the login, for example, by choosing the Mobile Push authentication method.
4. Next time the user logs in from that device and provides their username and password, Rublon detects a remembered device and enables access without additional identity verification.
Adapt Remembered Devices
Remembered Devices increase user comfort but decrease security. If a malicious actor knows you added your current device as a Remembered Device, they only need to crack your password because the user’s decision to remember their device bypasses MFA.
Enabling Remembered Devices for all applications in your organization may not be what you are looking for. Some applications are critical. Unauthorized access may lead to illegal activity that potentially costs you a lot of additional work and money. If you would like to allow your users to use Remembered Devices only for logins to some of your applications, do not look any further because Rublon allows you just that.
Rublon allows you to enable Remembered Devices only on some of your applications and deactivate this feature for high-risk applications. Such an adaptive approach ensures user comfort without giving up much security.
To allow users to add Remembered Devices, sign in to the Rublon Admin Console, create a Custom Policy, and enable Remembered Devices for the desired number of hours or days. Then, assign the policy you just created to one or more applications of your choice.
Every user who logs in to an application with the Remembered Devices policy can check the Remember this device checkbox. If a user checks this checkbox, the user’s subsequent logins from this device will bypass MFA for 3 hours. After that time, the user will have to undergo MFA again on their next login. Naturally, if 3 hours is too short for you, you can increase the time. You can make Rublon remember your users’ devices for any time between 1 hour and 90 days.
Thanks to Rublon Policies, you can give your users more login convenience while still protecting your most important services with air-tight Rublon MFA.
