Product & Technology / Security & Compliance

Introducing OneLogin Desktop Pro for Windows

Michael Tsai
Post author:Written By

Introducing OneLogin Desktop Pro for Windows!

Introducing OneLogin Desktop Pro for Windows
We’re very excited to announce the general availability of the much awaited OneLogin Desktop Pro for Windows! Our engineering team took on an extensive redesign effort to ensure that the new release delivers a strong foundation for future functionality enhancements. Today we’re pleased to offer an enhanced user-experience for our Windows community of users and admins.

OneLogin Desktop brings admins and end users a step closer to a more secure, passwordless future. In our 2019 Password Practices study, we found that in the US, 36.7 percent of companies have 26 to 100 apps that require individual passwords. And in the UK, 60 percent of companies have 26 to 100 apps that require individual passwords. That’s a lot of passwords! With OneLogin Desktop, end users no longer need to maintain and remember separate passwords for each app when they log into their machines. Instead, our new release for Windows offers end users a simple, secure machine login and browser single sign-on (SSO) experience when accessing their business and personal apps. Additionally, admins can maintain strong password requirements at the machine login level through user policy configuration.

The OneLogin Desktop Origin Story
OneLogin Desktop was originally developed to meet an internal need at OneLogin. Like other companies going through hypergrowth, we were faced with the challenge of managing and enforcing strong password policies across all corporate devices. As a cloud-first company, we didn’t have an Active Directory (AD) environment to domain join our in-house devices. We also had to manage numerous laptops and desktops used by our remote employees. As we developed a solution to address our own challenge, we discovered that our customers and prospects were faced with the very same need.

Simplicity and ease of use have always been a priority in our development. So, we set out to design a user experience that aligns perfectly with our company name, OneLogin. As an end user, you should only have to log in once (YOLO) to access all of your apps. And that’s how the first version of OneLogin Desktop was born.

OneLogin Desktop vs. OneLogin Desktop Pro
So, what’s the difference between OneLogin Desktop and OneLogin Desktop Pro? Both share a secure and password-less browser SSO experience. However, OneLogin Desktop Pro further enhances device security by enforcing OneLogin credentials during machine login. This allows admins to apply strong password policies for machine login and eliminate the need for end-users to remember a separate password just to sign into their laptop. It’s that simple!

OneLogin Desktop Pro for Windows architecture

How does it work?
By enforcing OneLogin credentials during machine login, end users no longer need a second set of credentials to access their laptop. Once a user is logged into their machine, certificate-based authentication enables a seamless browser SSO experience. Here’s how:

  • User enters OneLogin credentials at machine login
  • OneLogin credentials authenticate against the OneLogin Cloud Directory
  • User gains access to the OneLogin portal through their browser
  • The browser performs certificate-based SSO (passwordless) and authenticates the user against the OneLogin cloud directory
  • Successful browser authentication enables the user to access their portal and cloud applications.

Installing OneLogin Desktop or OneLogin Desktop Pro also introduces the OneLogin Tray App. Not only does the OneLogin Tray App provide an authentication portal where end users can bind their OneLogin identity to their machine during registration, but it also grants end users seamless access to their OneLogin Portal without re-entering their credentials, and an easy interface to change their password and get notifications when their password is about to expire.

OneLogin Desktop signin screen for Mac vs. Windows

Admins can install OneLogin Desktop or OneLogin Desktop Pro locally on machines before handing them off to employees. Alternatively, they can remotely deploy the Desktop installation through third-party MDM solutions like Airwatch or Meraki. Since end users bind their OneLogin identity with their machine, admins can enforce strong password policies at the machine login level. This also reduces risk by eliminating credential-sharing for shared workstations. OneLogin Desktop also helps admins save time by enabling self-service password resets for end users.

Listening to our customers
Since the launch of OneLogin Desktop Pro, our customers have consistently shared two feature requests: Multi-factor Authentication (MFA) support at machine login and Shared Workstation. As part of the early Preview Program for OneLogin Desktop Pro for Windows in June, we were able to put into production both functionalities and received valuable feedback from admins and end users. We’re excited to include Shared Workstation functionality in today’s release! And MFA support will be coming soon for both Windows and Macs.

Want to learn more about OneLogin Desktop Pro for Windows? Check out the datasheet and register for the upcoming product webinar!

Tags:

About the Author

Michael Tsai

Michael is passionate about connecting people and ideas, while creating value-add solutions and delightful experiences for all users. As a seasoned product manager at OneLogin, he primarily focuses on securing access and authentication across mobile and desktop devices, and application provisioning. Prior to joining OneLogin, he held multiple roles in automotive and medical device companies, working on both hardware and software products.

Related Articles