Unlocking lock screen without authpoint query
Is there an option to only request Authpoint when Windows is started for the first time?
Users use the lock screen while working and have to enter their password and Authpoint there to unlock the PC.
Authpoint alone would be the best solution without a password.
Or
Password alone without Authpoint again would be in second place.
Does anyone know this requirement and perhaps have a solution for it?
Thanks :-)
Best Answer
-
james.carson
Moderator, WatchGuard Representative
Hi @PeterW
There isn't any option to disable MFA specifically for a user whom has authenticated at least once to that local PC. Considering that the majority of users don't use hard drive encryption, it's pretty easy to find a username that has successfully logged into a PC previously.
If there are specific locations where users are most impacted, you can add that location to a network policy object so that they do not have to approve a push at that location. See:
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/authpoint/policy-objects_network-location.html-James Carson
WatchGuard Customer Support0
Answers
Hi James,
Thank you for your quick reply.
The option to prevent this in the "secure" internal area would be an option.
We will test this.
Best Regards
PeterW