Skip to main content

Passwordless MFA

Passwordless MFA for Windows

Protect logins to Windows workstations with Passwordless MFA

Passwordless MFA for Windows

Supported Windows types

# Windows type Account creation Desktop client User login MSP login Offline
1 Domain-joined No Yes QR-code QR-code Yes
2 Local workstation Yes Yes QR-code QR-code Yes

Supported Windows OS

Today idemeum Passwordless MFA is supported on:

  • Windows 10
  • Windows 11
  • Windows IoT

Passwordless MFA for domain-joined Windows

Quick-start guide

Quick-start - Passwordless MFA for domain Windows workstations
In this guide we will set up idemeum Passwordless MFA for domain-joined Windows workstations. Your customers will be able to access workstation without passwords leveraging mobile biometrics.
idemeum documentationNik Pot

How it works

Idemeum Desktop Client can be installed on domain-joined Windows workstations. Once the client is installed, idemeum creates a credential provider that will display a QR-code for user login.

To login user will need to perform the following actions:

  1. User installs idemeum mobile application, and verifies company email address (company email address verified needs to match the domain User Principal Name (UPN)
  2. User accesses the workstation and scans the QR-code with idemeum mobile application
  3. User is prompted to enter her domain credentials to pair the mobile device
  4. From now user, user can access the workstation without credentials by simply scanning a QR-code

Passwordless MFA for local Windows

Quick-start guide

Quick-start - Passwordless MFA for local Windows workstations
In this guide we will set up idemeum Passwordless MFA for local Windows workstations. Your customers can access workstations with a mobile device instead of passwords. Idemeum can also automatically create local user accounts or take over existing ones.
idemeum documentationNik Pot

How it works

Once idemeum desktop client is installed, it takes over the login screen with the installed credential provider. When the user scans the QR-code to login, idemeum will create a new local account (based on the username specified in the cloud directory), or or it will take over the existing one, and will update the password to the one specified in the local directory.

To login user will need to perform the following actions:

  1. User installs idemeum mobile application, and verifies company the email address the was created in the cloud directory
  2. User accesses the workstation and scans the QR-code with idemeum mobile application
  3. idemeum makes sure the user exists in the local directory, extracts the username and password, and then creates a new local account, or takes over the existing one.
  4. From now on, user can access the workstation without credentials by simply scanning a QR-code