Windows 11 Feature Requests: 2 Factor Authentication for Windows Logon and RDP Logon

Hi,

It would be useful to have 2 Factor Authentication for Windows Logon and RDP Logon.

 

Tip solution 1:

A. In the Logon window the user writes the first password (by the way, make the max length longer and activate Paste and Copy)

 

B. Then the user receives a notification from the App on his smartphone and he can insert the second password

-------------------------------------------------------------

 

Tip solution 2 (stronger and more convenient):

In the Logon window the user chooses to load the first password from a cyphered wallet on a pen drive (the cyphered wallet on a pen drive has been created previously by Windows, which even created a 'Long Casual Password' for Logon)

So the system:

A. Sends a notification to the App on the User's smartphone and the User can insert his 'Short password'

 

B. Then the system accesses the cyphered wallet on the User's pen drive and retrieves the 'Long Casual Password' for logon

 

 

 

8 Replies
Microsoft is following a different policy and it is removing passwords and technologies like Windows Hello Face recognition, PIN, etc.
The architecture of Windows is different.
You will use 2FA because the login page is accessible remotely from the internet.
However, in the case of Windows, you will need to have physical access to the system and you may use other methods like BitLocker.

@Reza_Ameri This response is a total ignorance of the nature of the request.   Everyone in the modern world has a smart phone.  We can and should be able to authenticate logins (remote and at end terminal systems) via verifying a 2nd factor.  That can and should offer Text Message, E-Mail, Automated Phone Call (with code), and some "talk to a person" option if all else fails.  This is not a joke, it is important and a major security concern.

@Reza_Ameri MFA using push notifications is massively more secure than existing Windows Hello solutions.

 

The argument that PIN + device or Face + Device is MFA is unreasonable. The technology is literally already there.

 

This is definitely needed.

Well... This would be unnecessary for the login window to implement MFA.

As by current design, MFA should be implemented on critical services or systems, e.g. the Microsoft 365 suite or access to www.office.com. If MFA detects an unusual signal it will require MFA authentication.

Adding this to the login window could only cause more authentication attempts for the end users, which is not good.
Access to local files isn't considered critical? I support enterprise environments, this is sorely missing. Having it as an option wouldn't affect anyone's workflow that didn't want it.

Third party tools such as Duo currently fill this need but are very expensive. Windows Hello already has the Authenticator support as it's included in the enrollment phase.
Using a smartphone is not a very secure way to do it; there are limitations in protecting phones, and while it is easy to manage Windows, there are some limitations in managing phones, and when someone hacks into the phone, they have access to everything including 2FA.
However, your idea might work in certain scenarios and it depends on the security requirements. Therefore, I advise you to use the Feedback Hub app in Windows 11 or Windows 10 and file a suggestion and explain your requirements and share it; those who agree with this would be able to upvote it.
We have to use two factor authentication for Windows sign-in of Azure AD/MEM managed devices too. What solution do you use now?

@Reza_Ameri It's more secure than using a single factor alone and it's good enough for all the other services that use MFA. The odds of someone having your password or pin and hacking your phone in some way are slim to none. We should be able to use MFA at PC login.