Latest Two-factor authentication vulnerabilities review

According to information regarding the latest security incidents at LastPass, Cisco, Uber, and Okta, adversaries exploited two-factor authentication procedures to disable or bypass access control. Techniques such as MFA bombing, phishing, MFA fatigue, and 2FA man-in-the-middle (MiTM) attacks were used to mislead end users, steal plain-text passwords, and perform MiTM on two-factor authentication. The user-friendly feature “Allow authentication request” was misused as a tool. In all cases, adversaries were able to bypass two-factor authentication by either disabling it on target accounts, stealing MFA secrets, or adding a new MFA profile.


Using SecureData USB flash drive for Windows and Mac Login

We would like to recommend the use of a SecureData SecureUSB® Duo encrypted device in conjunction with Rohos Logon Key for Windows logon two-factor authentication. This will give you an additional layer of security. The SecureUSB Duo hardware-encrypted USB flash drive offers host/OS-independent user authentication and military-grade security. User authentication can be done by using the physical keypad on the USB drive or via your smartphone using the free User app (iOS or Android). When using the keypad, you can either plug the drive into an open USB port on any type of Windows computer and enter your 7-64-digit PIN (password) to unlock the drive, or press the key button, enter the PIN, and then plug it into any open USB port. When using the phone to authenticate, you will need to download the free app from the App Store for iPhone, or from the Google Play Store for Android devices. To unlock the drive using the app, you will need to plug the drive into the host and then open the app on the phone. Using a smartphone for user authentication offers additional security layers that you can set up in the app. You can set 2FA to unlock the drive or use biometrics. We also suggest setting up PIN recovery in the event the PIN is ever forgotten. Rohos Logon Key is the only solution on the market that allows the setup of two-factor authentication redundancy by employing multiple 2FA methods on the organization level or user account level. Read more to find out how to configure and use SecureUSB for Windows logon.


Rohos Logon Key v.5.0 preview

We are glad to announce Rohos Logon Key 5.0 early preview with improvements in the ‘2FA bypass control’ feature and better compliance with Microsoft Defender.

Rohos Logon roadmap for 2022-23

Here we would like to share the items from the product roadmap briefly.


Rohos Logon Key v.4.9

We are glad to announce Rohos Logon Key 4.9 with a new feature: an audit trail for 2FA configuration changes.


Advice on setting up the admin account for OTP 2FA in conjunction with Rohos and remote access

We would like to share some advice regarding two-factor authentication and its use with an admin account when logging into Windows RDP. If it is not currently enabled, we strongly advise setting up the admin account for additional OTP authentication in conjunction with Remote Desktop access and Rohos Logon Key. Let’s review the pros and possible side effects.

Of course, using 2FA for the admin account is highly recommended, and definitely preferable to keeping it 1FA only. As a reminder, the default RDP login based on NLA credentials (user login and password stored in plain form in the .rdp connection file) is quite vulnerable on the client side, since these credentials may be stolen and used by malware operators in an automated way, so the attack will take just 5-10 minutes. So today, the absence of additional authentication factors (2FA/MFA) is considered negligent.

Moreover, due to recent developments in exploits and malware for the Windows operating system, desktop sessions created by regular user accounts may also be elevated to admin privileges in the domain or Active Directory (AD) with a high success rate, depending on your defenses (anti-virus type, EDR solutions, etc.). The variety of exploits for horizontal/lateral movement in AD is also huge. And of course, admin accounts are always a special target for cyber-criminals and are traded as a high-price asset on the darknet.

To summarise, you definitely need to start your 2FA cyber-security efforts somewhere, and admin accounts are the right starting point, showing that you have a cyber-security strategy. This is especially true with Rohos, since it is very easy to start with and has a fixed one-time price.

Rohos Logon Key for Mac OS X 12 Monterey

We have updated the Rohos Logon Key setup package for compatibility with Mac OS X 12 Monterey.

Rohos Logon Key for Mac now works on the latest version, Mac OS X 12. We have tested it with a USB flash drive, YubiKey, Bluetooth key, and Rohos Smartphone login methods.

Rohos Disk Encryption v.3.2

This is an update in which we rebuilt all binary components in a safe environment after strengthening our internal software development security. We also checked Rohos Disk with the latest Windows 11 and the new Google Drive “Stream Mode” feature. Both container-file and file encryption are compatible with the Google virtual drive letter. Rohos Disk is a good choice for vendor-independent end-to-end encryption of your Google Drive, OneDrive, or Dropbox files.

What’s new in Rohos Disk v3.2:
  • Windows 11 Support tested and verified.
  • Removed legacy authentication modules.
  • Removed Folder Virtualization feature from Rohos Disk Browser.
  • Fixed installation of File Shredder tool (Explorer “Send To” command in context menu).
  • Added Smartphone authentication method that allows using Android/iOS phone as a key for your Encrypted Disk.

Learn more about the Rohos Logon Key authenticator app for Android. Latest release: download Rohos Logon Key for Android (apk), or install the Rohos Logon mobile app from Google Play. Download for iOS and install Rohos Logon mobile on your iPhone/iPod.

Windows 11 support

This is a short announcement to confirm that all the latest versions of Rohos software products are fully compatible with the latest Windows 11 operating system. We continue to develop the Rohos product line by adding new features according to our plans. We appreciate the valuable feedback from all of our users and customers who choose Rohos cyber security solutions.

Rohos Software compatible with Windows 11:

  • Rohos Logon Key, Rohos Logon Key free, Rohos Face Logon
  • Rohos Disk Encryption, Rohos Mini Drive

2FA bypass control in Rohos Logon Key 4.8

We are glad to announce Rohos Logon Key 4.8 with automated control over ‘2FA bypass scenarios’. The new experimental feature sends an immediate push notification to the smartphone when the 2FA procedure is avoided during login, unlock, or reconnection to console or remote sessions. Well-known system vulnerabilities that allow RDP session hijacking, never-ending stories with 0-day exploits in the RDP protocol or authentication system, unattended remote tools like TeamViewer, and 2FA credential theft through phishing or social engineering all lead to unpredictable threat models and risks.

