The Computer MFA Logon is a new generation of MFA solution that secures AD domain logon from workstations (desktop and laptop) with MFA. The Computer MFA Logon solution offers the same set of features and functions as the Windows MFA Logon solution, but with a different user experience. 



Windows MFA Logon 5.x

___________________________________________

Windows MFA Logon 6.x (G2)

___________________________________________

Computer MFA Logon

___________________________________________

Remarks



Operating System

Windows 


  • Screen Unlock


  • UAC Elevation Prompt

Run as Administrator, Run as a different user
  • Network Drive Mapping

(Requires DC Agent)


MacOS


  • Screen Unlock

 (Prior to Big Sur)


Linux 

  (Supports PAM Radius)

(Supports PAM Radius)


CPU Architecture

x86 / x64


ARM 64

 

 

(from v2.6.1)


User Accounts

AD Domain User Account


Local User Account 


Authentication Methods


Online Logon






  • One-Time Password

hardware and software OTP
  • On-Demand Password

SMS and email code
  • Out of Band Authentication

Push Authentication, OOBA
  • Access Card

Proximity cards (HID and MiFare), RFID & NFC cards
  • Smart Card (Certificate)

Smart card with PKI certificate
  • Grid Card

Grid Card as OTP
  • FIDO/U2F


  • FIDO2


  • Computer Fingerprint

DevicePass
  • Fingerprint Recognition


  • Type Recognition

        

TypeSense
  • Face Recognition

FaceSense
  • Voice Recognition

VoiceSense
  • Security Questions


  • Challenge/Response

MobileID C/R, GridID C/R


Anywhere Logon 



same as online logon


Offline Logon





  • One-Time Password

hardware and software OTP
  • On-Demand Password

SMS and email code
  • Out of Band Authentication

Push Authentication, OOBA
  • Access Card

HID cards, prox cards, Mifare cards, RFID cards, NFC cards
  • Smart Card (Certificate)


  • Grid Card


  • FIDO/U2F


  • FIDO2


  • Computer Fingerprint

DevicePass
  • Fingerprint Recognition


  • Type Recognition

        

TypeSense
  • Face Recognition

FaceSense
  • Voice Recognition

VoiceSense
  • Security Questions


  • Challenge/Response

MobileID C/R, GridID C/R


RDP Logon




  • One-Time Password

hardware and software OTP
  • On-Demand Password

SMS and email code
  • Out of Band Authentication

Push Authentication, OOBA
  • Access Card 

HID cards, prox cards, Mifare cards, RFID cards, NFC cards
  • Smart Card (Certificate)


  • Grid Card


  • FIDO/U2F

(Run RDP client in Admin mode)

(Run RDP client in Admin mode)


  • FIDO2


  • Computer Fingerprint

DevicePass
  • Fingerprint Recognition


  • Type Recognition

        

TypeSense
  • Face Recognition

FaceSense
  • Voice Recognition

VoiceSense
  • Security Questions


  • Challenge/Response

MobileID C/R, GridID C/R

The complete solution consists of the following components:

  • DualShield Authentication Server
  • DualShield Computer Logon Agent
  • DualShield Computer Logon Client for Windows, Mac and Linux

Computer MFA Logon Agent

Computer MFA Logon Agent is the bridge that connects the Logon Clients and the Authentication Server.

Computer MFA Logon Client

Computer MFA Logon Client interacts with the user in the authentication process and communicates with the Logon Agent to process the two-factor authentication requests.



  • No labels