top of page

Go Passwordless With Microsoft On-Prem
or in the Cloud

Crayonic delivers multifactor authentication solutions compliant with FIDO2 and PIV Smart Card standards compatible with Microsoft infrastructure.

Mockup_microsoft_crop.jpg

CRAYONIC SOLUTIONS PROTECTS USERS AGAINST

phishing

man-in-the-middle attacks

credential stuffing

keyloggers

With Crayonic products organizations can eliminate passwords, prevent credential theft, and meet regulatory requirements for phish-resistant multifactor authentication and data protection. 

Our solutions are optimized for critical infrastructure and healthcare.

IN CLOUD AND ON-PREMISE

Crayonic KeyVault™ can be registered as the primary authentication for any corporate Azure Active Directory account or a personal Microsoft account.

The user can then securely sign into 

  • Microsoft Office 365 

  • Microsoft Teams

  • Microsoft Entra ID Portal 

  • On-prem enterprise applications 

  • 3rd-party cloud applications

  • and even Windows 10 desktops

 

Microsoft Azure AD Connect enables extending passwordless authentication to resources running on-premise, like file and print servers.

sign_in4_new.jpg
sign_in2_new2.jpg
SIMPLER SAFER LOGIN

Crayonic KeyVault™ offers a better user experience than traditional authentication methods.

 

Users can avoid remembering usernames & passwords and re-typing one-time passwords (OTPs) from tokens or apps running on their smartphones. Regularly enforced password changes is a thing of the past.

With Crayonic KeyVault, signing in to Windows 10 and  Office 365 is as fast and easy as opening a car using a remote key, yet far more secure.

REDUCED IT INVOLVEMENT

The necessary involvement of IT staff is radically reduced as most users can enroll and recover the security token themselves.  

IT can dedicate more attention to the fast and secure onboarding of remote workers. 

 

A single KeyVault device may be paired with multiple user accounts, which simplifies the Privileged Identity Management workflows.

 

The new FIDO2 standard also removes the dependence on complex enterprise PKI providing further cost savings.

sign_in3_meno.jpg
PLUG & PLAY USER EXPERIENCE

The user’s PC or mobile device connects to KeyVault via USB, Bluetooth, or NFC.

Supporting open standards FIDO2, FIDO U2F, and W3C WebAuthn makes KeyVault fully compatible with all major platforms. No need to install additional software on Windows 10, macOS, Linux, Android, iOS.

Windows 10 comes with inbox FIDO2 and PIV drivers and it even contains a basic GUI for security token management. The end-user experience with Crayonic KeyVault™ thus really is plug-and-play.

LEGACY INFRASTRUCTURE & APPS?
NO PROBLEM

Crayonic KeyVault also emulates a PIV-compliant smart card, providing compatibility with existing on-premise Active Directory deployments and PKI infrastructure.

Users can use the KeyVault with their fingerprint or PIN to securely login to Windows workstations, Remote Desktop, VDI, VPN, Wi-Fi, 802.1X, and intranet web applications.

Through the Crayonic Gateway, it is possible to easily issue X509 certificates or dynamic or static passwords directly into KeyVault over the web browser.

Keyboard over BLE and USB emulation enters passwords for users into legacy desktop and mobile apps.

sign_in5_meno.jpg
kluce2.png
Custom features:
  • Physical access control (NFC, RFID)

  • Follow-Me printing (NFC)

  • Generating one-time passwords compatible with OATH (TOTP / HOTP) or custom schemes

  • Blockchain HW wallet for SSID use cases

  • OpenPGP encryption and authentication

  • Signing of electronic documents with a qualified electronic signature according to eIDAS.

bottom of page