CodeB MFA/2FA/SSO Tools
Explore the Comprehensive Suite of SSO and 2FA Tools Offered by CodeB
Windows Logon Reinvented: CodeB's Advanced Security Extends to Web Applications with OpenID Connect and TOTP Authenticator
CodeB Toolbox
The CodeB Credential Provider is available in two distinct editions to cater to diverse user preferences and requirements. The first edition is the System Tray Stand-alone Application, a comprehensive solution that integrates all crucial components into one system tray application. This edition is particularly suitable for users who prefer straightforward and direct approaches. The second edition is the Suite of Tools and Applications, designed for users who seek granularity and precision. It offers a range of standalone tools and applications, making it highly preferred in enterprise environments where customized solutions are crucial. This edition is especially valued by those who desire specific and detailed security solutions, ensuring each aspect of their system is meticulously protected and managed.
Install CodeB Credential Provider
To set up the CodeB Credential Provider, available as a fully managed code single library, adhere to the following instructions: 1. Execute "CredentialProviderInstaller.exe" using elevated Administrator privileges. This step is crucial for the installation of the library and its registration as a Windows Credential Provider. 2. With the appropriate permissions, find and click the "Install Credential Provider" button to finalize the installation. 3. Launch "SmartLoginLicensing.exe" with elevated Administrator rights. This is necessary for the accurate registration of the license in the system. 4. Input your license key and click "Save Key". If you need an evaluation key, please contact info@aloaha.com.
2FA and 3FA Credential Linker
To enhance the security of your Windows Credential - whether it's local or domain - you can use the "Link2FA.exe" tool to add a second and even a third factor. Note: This tool is available in the Systemtray Edition as "Multifactor Authentication" Using Authenticator as a Factor: CodeB is compatible with most Authenticator Apps. However, remember that the majority of these apps support only 6 digits and use Sha1 as the algorithm. If you need more flexibility, opt for the CodeB Authenticator App. Using NFC as a Factor: CodeB accommodates a wide array of NFC Cards, including company badges, MIFARE, DESFIRE Cards, Credit Cards, or a Mobile with the CodeB Authenticator installed. If your token isn't supported, reach out to info@aloaha.com for assistance. Choosing Between 2FA or 3FA: By default, you can use either the One-Time Password (TOTP) or the NFC Token as the second factor. If you want to require both on every logon, activate the "Require NFC and TOTP" checkbox. This will enable CodeB in 3FA mode, necessitating both factors for every login.
TOTP as Single Factor
Time-based one-time passwords (TOTP) are frequently used as a second factor, but they don’t alleviate the need to remember complex passwords. However, with the "LinkTOTP.exe" tool (accessible as "TOTP Credentials" from the System Tray), you can establish a soft token for your local or domain credentials, allowing you to log in to Windows using only the TOTP as a single factor. Additionally, you have the option to configure an additional "Optional Secret", which can then act as a static second factor, enhancing the security of your login process. This means you can have a more streamlined login experience without compromising security.
Login with NFC Token
NFC Tokens, including Company and Student Badges, MIFARE or DESFIRE Cards, Physical Access Cards, Bus Tickets, and Credit Cards, are prevalent. Additionally, our CodeB Authenticator transforms your mobile device into an NFC Token, associating the mobile identity with the mobile's NFC Interface. Utilize the "LinkNFCCard.exe" tool (accessible as "NFC Credentials" in the System Tray Version) to associate your token with your local or domain credentials. This method facilitates one-factor authentication, enabling "Tap to Logon" capabilities. To witness this feature in action, click on the "View Video" below. To enhance security, a supplementary "Logon PIN" can be established as the second factor, ensuring a robust and secure authentication process while maintaining user convenience.
Pioneering with OpenID Connect
To log in to Windows using Mobile OpenID Connect, follow the innovative user authentication method below, where your mobile device acts as the Identity Provider, authorizing your login to Windows. To associate your local or domain Windows credentials, run the tool "LinkOpenID.exe" or select "OIDC Credentials" from the System Tray. Please ensure that the "Binding PIN" matches the one configured in the OIDC Settings within the "CodeB Authenticator". This process links your mobile device to your Windows credentials, allowing for secure and efficient user authentication.
Mobile Bluetooth as 2FA or Passwordless Token
Utilizing mobile Bluetooth for 2FA (Two-Factor Authentication) or passwordless entry to log on to Windows systems offers a blend of convenience and enhanced security. Mobile devices are typically always within arm's reach, making them a practical choice for an authentication tool. The Bluetooth connection is straightforward to establish and doesn't require any additional hardware. It's a seamless, user-friendly way to enhance security without the need for remembering complex passwords or carrying additional physical tokens. The integration between mobile Bluetooth technology and Windows systems brings a modern, efficient approach to securing sensitive information and ensuring only authorized access to critical resources.
Traditional X.509 Smartcard
Windows inherently allows users to log in using an X.509 Certificate, but the prerequisites are stringent. The machine must be a member of a domain, and the logon certificate must be issued by the domain's Certification Authority. However, the CodeB X.509 Credential Linker, accessible as "LinkX509.exe" or "X.509 Credentials," mitigates these stringent requirements. It allows the X.509 Certificate to be hosted either in the local system certificate store or on any smart card, eliminating the necessity for domain membership and specific certificate issuance. Additionally, there are no specific requirements for the certificate itself, as long as it possesses data decryption capabilities. This tool simplifies the process, making secure logon more accessible and user-friendly.
Plain USB Memory Stick as Token
Almost everyone possesses a USB Memory Stick, but many are unaware that it can be used as a credential token. Run the tool "LinkMEMStick.exe" or select "USB Stick Credentials" from the System Tray. It will store your local or domain credentials will be securely on your stick, encrypted with AES256. For added security, you can set up a "Logon PIN". Now, you can log in to your machine using just the stick and the PIN, ensuring a secure and convenient login experience. Keep your USB stick safe to maintain the security of your credentials.