OneLogin launches passwordless device authentication for Windows PCs without Active Directory
OneLogin has launched an access and identity management product for companies to authenticate Windows PCs for cloud applications with their OneLogin password or additional authentication factors including biometrics.
OneLogin Desktop Pro for Windows allows businesses to authenticate directly against OneLogin in the cloud, without having an Active Directory infrastructure behind the firewall, according to the announcement. This allows users to be authenticated against a live directory without sacrificing usability or security, wherever they are located. Security policies can be set to require additional factors such as push notification through OneLogin Protect, one-time SMS password, third-party vendors, or biometrics through technologies like Windows Hello.
“The future of the enterprise is passwordless,” said Thomas Pedersen, Co-founder and CTO of OneLogin. “Enterprise work habits have changed dramatically over the past twenty years. Today’s workforce is highly distributed. They primarily use cloud apps and often on personal devices. Active Directory is simply unable to effectively support this environment, resulting in end-user frustration and security risk.”
Research by OneLogin shows 43 percent of employees work remotely at least part-time, and 69 percent of professionals consider workplace flexibility to be critical when evaluating potential employers. Many companies are motivated to rely less on Active Directory in order to support distributed workforces and the adoption of different systems, such as Macs.
PCs running Windows can be enrolled in OneLogin Desktop manually or with device management solutions like Windows GPO, AirWatch, Meraki, or JAMF. A PKI certificate is stored in Windows Certificate Manager and binds its authentication to OneLogin’s cloud directory. After enrolling, users can sign into their PC through the OneLogin portal.