Quick access to a PC on a domain
-
@scottalanmiller said in Quick access to a PC on a domain:
What about proximity sensors that unlock it as soon as they get close? Or face readers that unlock it when it sees them looking at the screen?
Either could be fine, again, as long as they support some type of central authentication (even if it's pushed out via salt, or it's elk).
-
@scottalanmiller said in Quick access to a PC on a domain:
What about proximity sensors that unlock it as soon as they get close? Or face readers that unlock it when it sees them looking at the screen?
Do you have a product recommendation?
-
@dashrender said in Quick access to a PC on a domain:
@scottalanmiller said in Quick access to a PC on a domain:
What about proximity sensors that unlock it as soon as they get close? Or face readers that unlock it when it sees them looking at the screen?
Do you have a product recommendation?
No, I just know that they exist and Microsoft has demonstrated them.
-
@dashrender said in Quick access to a PC on a domain:
@scottalanmiller said in Quick access to a PC on a domain:
What about proximity sensors that unlock it as soon as they get close? Or face readers that unlock it when it sees them looking at the screen?
Do you have a product recommendation?
I'm guessing that your computer isn't new enough to support Windows Hello?
-
@dashrender said in Quick access to a PC on a domain:
@scottalanmiller said in Quick access to a PC on a domain:
What about proximity sensors that unlock it as soon as they get close? Or face readers that unlock it when it sees them looking at the screen?
Either could be fine, again, as long as they support some type of central authentication (even if it's pushed out via salt, or it's elk).
Authentication is separate from the login mechanism.
-
@kelly said in Quick access to a PC on a domain:
@dashrender said in Quick access to a PC on a domain:
@scottalanmiller said in Quick access to a PC on a domain:
What about proximity sensors that unlock it as soon as they get close? Or face readers that unlock it when it sees them looking at the screen?
Do you have a product recommendation?
I'm guessing that your computer isn't new enough to support Windows Hello?
Oh yeah, Windows Hello. I knew that they had a name for it.
-
@kelly said in Quick access to a PC on a domain:
@dashrender said in Quick access to a PC on a domain:
@scottalanmiller said in Quick access to a PC on a domain:
What about proximity sensors that unlock it as soon as they get close? Or face readers that unlock it when it sees them looking at the screen?
Do you have a product recommendation?
I'm guessing that your computer isn't new enough to support Windows Hello?
Desktops - so even new wouldn't matter. Extra hardware would/is required.
-
@scottalanmiller said in Quick access to a PC on a domain:
@dashrender said in Quick access to a PC on a domain:
@scottalanmiller said in Quick access to a PC on a domain:
What about proximity sensors that unlock it as soon as they get close? Or face readers that unlock it when it sees them looking at the screen?
Either could be fine, again, as long as they support some type of central authentication (even if it's pushed out via salt, or it's elk).
Authentication is separate from the login mechanism.
OK that's fair - the use of a device would need to be centrally admin'ed. i.e. I don't want to have to manage 10 prox cards for 10 devices around the network manually.
-
-
We've used some RFIdeas stuff in the past.
The one we have used basically returns keystrokes corresponding to a matched card. If my card is detected, it would fire the keystrokes for my username and password. You don't need to centrally manage anything as you write the credentials to the card and the reader is just the interface. If they lose the card or need a password change, you give them a new card or rewrite the existing card. Not sure how any of this plays with HIPAA stuff though...
They also have USB proximity sensors for auto-logout if that's something else you want.
-
@dashrender said in Quick access to a PC on a domain:
r access to the desktop. If the price isn't crazy, they might be sold on logging in individually - but unless loading the profile is 15 seconds or less, I don't seem them liking this (this is why we have a single shared profile now - not to mention roaming profile issues).
We have prox/hid cards here, shared logins is a no no.
-
You will need to make sure that your device supports TMP 2.0 to be able to use Windows Hello.
-
@dbeato said in Quick access to a PC on a domain:
@dashrender said in Quick access to a PC on a domain:
r access to the desktop. If the price isn't crazy, they might be sold on logging in individually - but unless loading the profile is 15 seconds or less, I don't seem them liking this (this is why we have a single shared profile now - not to mention roaming profile issues).
We have prox/hid cards here, shared logins is a no no.
The shared logon is for Windows only.. no data access.
Making each user log in separately would mean loading a profile each time, this is highly undesirable. These machines are Windows 10 4th gen i5 with 8 GB RAM (I think, could be 4 GB) with SSD drives.
-
@kelly said in Quick access to a PC on a domain:
You will need to make sure that your device supports TMP 2.0 to be able to use Windows Hello.
I could have sworn I read some different articles that say if no TPM 2.0, that it would still work in all software, less secure, but still doable.?
-
@dashrender said in Quick access to a PC on a domain:
@kelly said in Quick access to a PC on a domain:
You will need to make sure that your device supports TMP 2.0 to be able to use Windows Hello.
I could have sworn I read some different articles that say if no TPM 2.0, that it would still work in all software, less secure, but still doable.?
Maybe not: https://docs.microsoft.com/en-us/windows/device-security/tpm/tpm-recommendations.
-
-
@dashrender said in Quick access to a PC on a domain:
Yeah, that is what I was referring to. I'm realizing my post was a bit ambiguous...
-
Nothing against you - I just like to have the answer right here in the post - just getting a link is pointless - links often die off and then the actual data for the post is lost.
-
@dashrender said in Quick access to a PC on a domain:
Nothing against you - I just like to have the answer right here in the post - just getting a link is pointless - links often die off and then the actual data for the post is lost.
No worries
