Extend Okta MFA policies to desktop sign-on

MFA for desktop sign-on

Deliver frictionless IT security from desktop to cloud.

Extend Okta MFA policies to desktop sign-on.

It’s so easy to extend a customer’s security posture right down to the desktop sign-on experience, you’ll want to do it for your own team too.

ZeroTek uses TecMFA, an Okta-compliant credential provider, to deliver a frictionless security experience for Windows and Mac desktop sign-on, powered by Okta.

  • With TecMFA, users are required to authenticate from the desktop lock screen, according to the MFA and adaptive sign-on policies configured for them in Okta.
  • Deliver a user experience that makes sense, with the right level of security protecting devices and systems according to the user’s specific context.
  • Require MFA so that in the scenario of credential reuse and/or theft, devices are still secure.
  • Reduce risks, support regulatory compliance, and meet eligibility criteria for the strictest Cyber Security Insurance policies.

 When you’re ready to learn more, book a call with us.

ZeroTek | Okta + TecMFA


Context-Specific MFA

Enforce MFA policies that depend on network or online status. 


Okta allows you to define appropriate MFA policies by context. For example, stricter MFA might be configured for out-of-network devices than for in-network devices; or depend on whether the machine is online or disconnected from the Internet.


User-Specific MFA 

Enforce different MFA policies for different user types. 


Meet specific customer needs by configuring different MFA policies for different user types, such as Local Standard User, Local Admin User, Domain User, Domain Admin, Azure User, and Microsoft User.


Privileged Access Protection

Require MFA for privileged access. 


Make MFA required to access User Account Control (UAC) settings.


RDP and VDI Protection 

Secure remote logins for RDP and VDI sessions.


Require MFA for RDP sessions and VDI (Citrix, Microsoft RDS, VMware Horizon, etc.)


Administrator Bypass

Allow Administrator MFA bypass to user devices.


Allow Administrators provide bypass codes to users that don’t have access to their factor.


Remote Deployment

Remotely deploy installer packages to relevant devices.


Installer packages can be easily and quickly deployed to all relevant devices through an RMM, Intune or other package deployer.