Passwordless MFA for Workstations
idemeum Passwordless MFA can be integrated with your Windows and MacOS workstations to protect login with secure unphishable MFA. We developed a desktop application that once installed on your workstation can be paired with idemeum mobile application. As a result, you can login into your workstation by simply scanning a QR-code and approving with biometrics.
Supported use cases
Here are the use cases that idemeum supports today.
|OS||Type||Login type||Dedicated user||Shared users|
- Type - computer type, whether it is joined to Active Directory domain or used only with local accounts.
- Login type - defines how users access the workstation. Either using mobile app to scan the login QR-code, or leveraging RFID badge to access workstation.
- Dedicated user - workstation is accessed only by the user who installaed desktop application and paired with mobile device. No other users can login into workstation.
- Shared users - multiple users can access workstation with mobile device or RFID badge.
Supported login methods
|Login with QR-code||online||Login by scanning QR-code with idemeum app|
|Login with OTP||offline||Login with one-time code that you retrieve from mobile app|
How desktop MFA works
idemeum desktop client leverages virtual smart cards (certificates) to enable passwordless login into workstations. When idemeum desktop app is installed on a computer, we create a custom credential provider that will be processing authentication requests and logging the users with passwordless MFA instead of username and password. idemeum supports both domain joined and non-domain joined machines with user experience being completely the same.