SurePassID Authentication Server keeps Windows domain and account logons secure – in all use cases. SurePassID seamlessly integrates with Microsoft Windows client and server operating systems to add two-factor authentication (2FA) to local and Remote Desktop logins. Enforcing Zero Trust and maintaining secure access to company resources has never been easier.

But what if the user is offline when trying to login? Then SurePassID automatically falls back to an OATH HOTP (event-based) passcode generated by their Push Authenticator app or other registered authenticator. The result is seamless end-to-end authentication with no inconvenience to the user or calls to your helpdesk.

SurePassID Authentication Serve can secure any RADIUS-compliant or TACACS+ system such as Microsoft Universal Access Gateway, VPN routers/devices, Citrix applications, Wi-Fi access points, FreeRADIUS on Linux distros, Cisco applications, and more. SurePassID supports key features such as:

• Challenge Response – The server “challenges” the user for any of their registered assigned credentials. Most challenges will be to provide a One Time Password (OTP) after successfully entering a valid username and password. (Some RADIUS and TACACS+ devices only support single-factor authentication, in which case two-factor authentication (2FA) is added by appending the OTP to the user’s password.)
• Proxy Server Chaining – In RADIUS authentication, there are often multiple RADIUS servers as part of the authentication process.
• nFactor Authentication Framework – Enables organizations to define dynamic authentication methods at the time of authentication on a user by user basis.

But SurePassID’s strengths don’t end there. As a highly extensible solution, our platform encompasses on-prem, cloud, and hybrid deployment architectures. No matter what your RADIUS or TACACS+ clients and remote access gateways look like, SurePassID can secure it with RADIUS and TACACS+ multi-factor authentication.

Connecting remotely to workstations and server infrastructure is an everyday occurrence for IT/OT organizations – and a focus of ransomware gangs and hostile state actors exploiting security breaches. No matter whether you’re using Windows Remote Desktop Protocol (RDP) or Secure Shell (SSH) protocol, securing remote access on local consoles or via incoming connections is essential to Zero Trust and regulatory compliance.

SurePassID Authentication Server seamlessly integrates with your identity provider and RDP or SSH servers to secure remote access with MFA. For RDP, Credentialed User Access Control (UAC) elevation requests can invoke MFA depending on your Windows UAC configuration. For SSH, MFA can be applied to both Shells and Tunnels. The result is RDP/SSH multi-factor authentication that you can rely upon.