By ensuring that all application access is authenticated via two factors, OneLogin Desktop dramatically increases security. Best of all, multi-factor authentication happens without the effort of having to pull out your phone — a huge win for remote employees and road warriors!
1st Authentication Factor
OneLogin Desktop installs a certificate specific to a user and laptop, providing a first authentication factor.
2nd Authentication Factor
When users log in using their Windows or OS X password, they provide a second authentication factor.
User Authenticated Into Portal
These two factors authenticate users into their OneLogin Portal, enabling them to access SaaS applications with a single click.
OneLogin lets you enforce password policies for all your laptops — not just your PCs — such as password complexity, rotation, and uniqueness. Even if 95% of your company is on Windows, you can’t afford to have 5% of your machines — your Macs — provide hackers with a possible entry point into your systems. Especially if they’re used by developers accessing sensitive data.
“OneLogin Desktop is the missing piece of the puzzle that we’ve been waiting for. We can finally get rid of our internal directory and have users not only authenticate to the cloud but bind our entire fleet of Macs directly to the cloud. We knew this day would eventually come and we’re really excited to be partnering with an innovative company like OneLogin to make it happen.”Tim Schwartz
OneLogin Desktop lets IT administrators manage authentication of Macs and PCs without the hassle of maintaining Active Directory, VPN, or LDAP. This is especially useful for laptops not bound to Active Directory, such as Macs — or PCs used by contractors, vendors, and customers. It is also useful for remote PC users frustrated by having to use VPN to access on-premises Active Directory through a firewall. Optionally, you can have Active Directory sync to OneLogin Directory using our Active Directory Connector, and to LDAP using our LDAP Connector.
By using operating system login for SSO login, user sign-in is simplified, and service desk loads are reduced. Since password-reset requests typically account for 20 to 30% of service desk load, this frees time for IT to focus on higher-value activities.
Because users only log in once to access their application portal and SAML-enabled web and desktop apps, OneLogin’s streamlined authentication process saves time for every user, every day. These time savings add up, yielding user productivity benefits well into hundreds of thousands of dollars annually for a company with 1000 employees.
OneLogin Desktop lets you see which users’ laptops have connected to OneLogin and when, along with essential device details. You can find untrusted laptops that don’t yet have a certificate installed, or laptops that haven’t been used in awhile (and thus might be lost or stolen). And you can revoke a certificate on a lost, stolen, or repurposed machine.