ThumbSignin provides an additional security layer to protect windows computers. The administrator of an organisation as to download and install the Thumbsignin Connector app in the windows PC.
Thereafter whenever the account holders tries to log in to their computer, a QR code is displayed as a second factor authentication once they provide the windows username and password. Scanning the QR code using the ThumbSignin mobile app and authenticating with their fingerprint will let the user to login into the computer.
This can significantly enhance the additional security of an enterprise computer and protect critical data from unauthorized access.
- Operating System: Windows 10 or later.
- Processor: 1GHz or faster.
- RAM: 2GB
- Free hard disk space: 16MB
- A Microsoft account and Internet access.
- Operating System: Windows Server 2008 R2 Standard or later.
- Processor: Intel Core i5.
- RAM: 4GB
- Free hard disk space: 10MB
ThumbSignin also requires .NET Framework 4.0 or later. If the correct .NET version is not present on your system then the setup prompts you to install the .NET Framework.
- iOS 10.3 or above / Android Marshmallow or above.
ThumbSignin Supported Windows Authentication Platform
- Active Directory(Domain based account)
- Azure Active Directory.
- Local accounts.
- Microsoft accounts.
- Windows user must have password to login to the computer even though they have enabled ThumbSignin as second factor authentication.
- User can bypass ThumbSignin second factor authentication by restarting Windows in Safe mode.
- In case lose or new mobile device registration:
- AD / Azure AD / LDAP: Admin can reset the user authentication mobile device.
- Others: Must login to Safe mode to recover.
- ThumbSigninConnector.msi requires an admin access to install / uninstall.
Steps to install ThumbSignin
- Download and install ThumbSignin mobile app
- Login to Administrator account and then download ThumbSigninConnector.msi and install it on the required client machines.
Following are the screens with examples to show how ThumbSignin is protecting an enterprise windows machine.
Test the SETUP
Double click the ThumbSignin icon in the desktop to register with ThumbSignin by scanning the barcode.
Once the QR code is scanned, mobile app will ask the user to authenticate using the fingerprint.
After the successful fingerprint authentication, second factor authentication is enabled for the user.
The user submit the Windows credentials.
ThumbSignin Second-factor authentication
ThumbSignin QR code appears after the user successfully submit the Windows credentials. By scanning the QR code and authenticating the fingerprint user will be able to login into windows.
The Admin manages the second factor authentication for the domain users by creating a group called 2FA. Adding a user to this group will enable 2FA and removing the user from the group will disable 2FA.
Active Directory User list
Following are the list of available users under the domain controller domain.
Add user to 2FA group
To enable second-factor authentication for an user, admin can add the user to 2FA group.
Remove user from 2FA group
To disable second-factor authentication for an user, admin can simply remove the user from 2FA group.
Remove user access
To stop the user accessing the Windows pc delete the user account from the server or add to “ACCESS_DENIED” group. So that the user won’t even be able to login to the windows machine.
Windows Removed user account
Usually windows will take some time to sync, if the user has been removed from the organisation domain. ThumbSignin solution will take effect immediately whenever admin make changes.