Passwordless MFA for Windows
Protect logins to Windows workstations with Passwordless MFA
Supported Windows types
# | Windows type | Account creation | Desktop client | User login | MSP login | Offline |
---|---|---|---|---|---|---|
1 | Domain-joined | No | Yes | QR-code | QR-code | Yes |
2 | Local workstation | Yes | Yes | QR-code | QR-code | Yes |
Supported Windows OS
Today idemeum Passwordless MFA is supported on:
- Windows 10
- Windows 11
- Windows IoT
Passwordless MFA for domain-joined Windows
Quick-start guide
How it works
Idemeum Desktop Client can be installed on domain-joined Windows workstations. Once the client is installed, idemeum creates a credential provider that will display a QR-code for user login.
To login user will need to perform the following actions:
- User installs idemeum mobile application, and verifies company email address (company email address verified needs to match the domain User Principal Name (UPN)
- User accesses the workstation and scans the QR-code with idemeum mobile application
- User is prompted to enter her domain credentials to pair the mobile device
- From now user, user can access the workstation without credentials by simply scanning a QR-code
Passwordless MFA for local Windows
Quick-start guide
How it works
Once idemeum desktop client is installed, it takes over the login screen with the installed credential provider. When the user scans the QR-code to login, idemeum will create a new local account (based on the username specified in the cloud directory), or or it will take over the existing one, and will update the password to the one specified in the local directory.
To login user will need to perform the following actions:
- User installs idemeum mobile application, and verifies company the email address the was created in the cloud directory
- User accesses the workstation and scans the QR-code with idemeum mobile application
- idemeum makes sure the user exists in the local directory, extracts the username and password, and then creates a new local account, or takes over the existing one.
- From now on, user can access the workstation without credentials by simply scanning a QR-code