Forum Discussion
Windows 11 Feature Requests: 2 Factor Authentication for Windows Logon and RDP Logon
The architecture of Windows is different.
You will use 2FA because login page is accessible remotely from internet.
However, in case of Windows, you will need to have physical access to the system and you may use other methods like BitLocker.
Reza_Ameri MFA using push notifications is massively more secure than existing Windows Hello solutions.
The argument that PIN + device or Face + Device is MFA is unreasonable. The technology is literally already there.
This is definitely needed.
Reza_Ameri This response is a total ignorance of the nature of the request. Everyone in the modern world has a smart phone. We can and should be able to authenticate logins (remote and at end terminal systems) via verifying a 2nd factor. That can and should offer Text Message, E-Mail, Automated Phone Call (with code), and some "talk to a person" option if all else fails. This is not a joke, it is important and a major security concern.
- Using Smart Phone is not a very secure way to do it, there are limitation in protection phones and while it is easy to manage Windows, there are some limitations in managing phones and when someone hack into the phone, they have access to everything including 2FA.
However, your idea might work in certain scenarios and it depends on the security requirements. Therefore, I advise you to use the Feedback Hub app in the Windows 11 or Windows 10 and file a suggestion and explain your requirements and share it, those who agreed with this , would be able to upvote it.Reza_Ameri It's more secure than using a single factor alone and it's good enough for all the other services that use MFA. The odds of someone having your password or pin and hacking your phone in some way are slim to none. We should be able to use MFA at PC login.
