OptionDescription

Authentication when DualShield server is offline

  • Bypass two-factor authentication


When the DualShield server is offline, the Windows logon client will bypass two-factor authentication

  • Switch clients to offline mode
When the DualShield server is offline, the Windows logon client will switch to the offline mode
  • Decline all logon requests
When the DualShield server is offline, the Windows logon client will decline any logon request

Local protection

  • Protect local logon on all computers with multi-factor authentication


This options defines whether two factor authentication is required when a user attempts to log onto any computer in the network using a local user account.

  • Protect local logon on this computer only with multi-factor authentication
This options defines whether two factor authentication is required when a user attempts to log onto this computer using a local user account

Single Sign-On Session

  • Enable Single Sign-On
  • Single Sign-On Timeout (Minutes)


This option applies to RDP logon session only. If this option is enabled then two-factor authentication will not be required if

  • A user terminated a RDP connection without logging out 
  • Later, within the time specified in the "Single Sign-On Timeout" box, the user tries to make a RDP connection again from the same IP address 

MFA Exemption

  • MFA exemption after a successful logon (hours)


If this option is enabled then two-factor authentication will not be required within the specified time period after a successful login.


  • No labels