White paper: Bridge to Passwordless best practices
Today, the Yubico Login for Windows application (formerly Windows Logon Tool) is now generally available, providing a simple and secure way for YubiKey users to securely access their local accounts on Windows computers. Over the past six months, we’ve received valuable feedback from many of our public preview users, and have a clear path forward for ongoing improvements to the application.
The primary benefits of Yubico Login for Windows include:
- Highly secure and easy-to-use multi-factor authentication (MFA) for login using local accounts to Windows workstations
- Simple configuration for up to 10 individual users
- Fast enrollment for backup YubiKeys
- Easy recovery mechanisms for lost YubiKeys
Yubico Login for Windows is designed to provide strong MFA for logging into local accounts on Windows 7, Windows 8.1 or Windows 10 computers. It is not suited for logging into any of the following accounts: Azure Active Directory (AAD), Active Directory (AD), Microsoft accounts (e.g. username@outlook.com, username@hotmail.com, username@live.com).
While Yubico Login for Windows is now only applicable for securing local accounts, there are other solutions to secure AD and AAD accounts with MFA. Thanks to an ongoing partnership and collaboration between Yubico and Microsoft, YubiKey MFA is also an option for organizations with AAD or AD environments. For computers joined to cloud-based AAD, passwordless authentication with the YubiKey is currently supported in Azure AD preview. For accounts managed by AD, the YubiKey enables authentication as a PIV-compliant smart card (Windows 7+, Microsoft Windows Server 2008 R2+).
For more information on the Windows login options available with the YubiKey, and to download the current version of Yubico Login for Windows, please visit our computer login tools page. The multi-protocol YubiKey 5 Series or YubiKey 4 Series keys are required for compatibility with Yubico Login for Windows.