Windows Logon MFA with Offline 2FA

Lock down access to Windows operating system domains and accounts by every user, on every device, in every deployment architecture.

MS-Windows (1)

SurePassID MFA for Windows and Windows Server Login

SurePassID integrates with Windows versions to secure logons with multi-factor authentication (MFA). For on-premise systems, we can leverage your local Active Directory (AD), Active Directory Federation Services (ADFS), or Network Policy Server (NPS). For cloud systems, we can leverage Azure Active Directory (Azure AD) Application Proxy. Alternatively, we can use third-party directories or SurePassID’s built-in identity directory functionality.

SurePassID also enables Windows MFA Logon with Offline 2FA, enabling you to lock down Windows logon for all use cases, including offline ones.


Supported Windows Versions (32-bit and 64-bit)

  • Windows 11
  • Windows 10
  • Windows 8.1
  • Windows Server 2022
  • Windows Server 2019
  • Windows Server 2016
  • Windows Server 2012 R2
  • Windows Server 2012

Unsupported Windows Versions

  • Windows Server 2008 R2 SP1 (end of life January 2020)
  • Windows 7 (end of life January 2020)
  • Windows Vista (end of life April 2017)
    Windows XP (end of life 2015)
  • Windows 2003 (end of life 2014)
  • Windows 10 Mobile
  • Windows Phone
  • Windows Mobile Professional, Standard, and Classic
  • Windows Mobile for Automotive
  • Windows Mobile for Portable Media Centers

Embedded Windows Solutions

Embedded systems encompass a wide range of OSes and device use cases. Operational Technology (OT) devices and ICS/SCADA systems are often built on Windows 7 and require special on-premise or air-gapped MFA capabilities.

SurePassID addresses these challenges with special solutions for embedded Windows systems. This includes custom integrations for legacy (unsupported) versions of Windows, particularly Windows 7. From simple API calls to advanced MFA integrations for legacy Windows and Windows Server login, SurePassID has the innovative solutions that OT enterprises and ICS/SCADA vendors require.


Windows is your largest attack surface. Secure it with SurePassID MFA.

Zero Trust everywhere

SurePassID makes it easy to achieve Zero Trust. Deploy MFA for IT in the cloud, OT on-premise or in private clouds.

Outstanding ROI

User self-service. Administrative automation. Unrivaled technical support. Everything about SurePassID maximizes your ROI.

Regulatory compliance

No matter what your cybersecurity mandate, SurePassID has the MFA solution you need for compliance.

Five 9s availability

MFA is mission critical. SurePassID has the Five 9s (99.999%) availability, redundancy, and automatic failover you need.

Phishing resistance

FIDO2 and CAC/PIV are the forms of phishing-resistant MFA that exist today. SurePassID enables you to make the most of both.

Cyber liability insurance

Securing privileged accounts with MFA is a foundational requirement of CLI. Achieve it rapidly and cost-effectively with SurePassID.

360° view of user access

SurePassID delivers a 360 degree view of user access across your IT/OT apps and integrates it with your SIEM or SOAR solution.

AI-based access monitoring

SurePassID's AI-based monitoring automates the alerting and interventions for lateral movement and unauthorized access.