Introduction
Windows Login application (Version 2.0), delivered via the Windows Authenticator installer, is an enhanced authentication solution designed to provide faster, more secure, and scalable user access. It supports both online and offline authentication and introduces improved session management, performance optimization, and streamlined deployment capabilities.
Key Capabilities
Supports online and offline authentication using a local database.
Enables fast user switching without disrupting active sessions.
Security Hardening & Enhancements.
Provides Epic Hyperdrive Integration.
Provides a unified installer package for simplified setup.
Provides a tray-based application interface for easy access and control.
Supports automatic post-login application launches.
Installation and Deployment
Delivered via the Windows Authenticator installer.
Supports silent installation using scripts.
Enables MDM-based deployment for enterprise environments.
Supports automated device pairing during installation.
Related Documentation: How to Download, Install, and Auto-Pair Windows Authenticator App (Version 2.0)
Auto Pairing and Setup
Handles all pre-requisite binaries such as .NET and CouchDB
Supports Auto-pair through installer package file.
Auto downloads optional dependencies.
Devices can be paired automatically using MDM configurations.
Supports script-based installation for bulk deployments.
Minimizes manual intervention during setup.
Feature to Capability
On-device Face Recognition
Performs biometric authentication using facial recognition processed locally on the endpoint, enabling fast user verification without transmitting biometric data externally.
Local Cache Server
Maintains a local cache of authentication data to support login and authentication workflows during network unavailability or latency, ensuring continuity of access.
Presence Detection
Monitors user proximity to automatically initiate authentication, enable hands-free login, and enforce session security by triggering session lock or timeout when the user is no longer present.
Oloid Launcher
Provides a centralized interface to launch configured applications and initiate authentication-driven workflows immediately after user verification.
EPIC Integration
Supports secure authentication and seamless access into EPIC workflows by integrating passwordless authentication with EPIC application sessions.
Session Management
Windows Login application (Version 2.0) introduces structured session tracking for better visibility and control across devices and users.
Session Types
Device Session – Initiated when the device is powered on.
Terminal Session – Created when a terminal session starts on the device.
User Session – Begins when user logs in through oloid or manually.
App Session – Tracks usage of individual applications.
Session Hierarchy
Device Session
↳ Terminal Session
↳ User Session
↳ App Sessions
Logging and Monitoring
Logs are stored locally and used for:
Troubleshooting
Performance monitoring
Session tracking
Automatic Log replication
Dev Dashboard: A completely new app is added to debug or visualize various session management scenarios. This reduces large complexity of understanding session states and possible edge cases.
Related Documentation: How to access Dev Dashboard for Windows Passwordless V 2.0
Performance Optimization
Improves application launch times.
Enhances responsiveness during user switching.
Optimizes system performance during login and post-login stages.
Comparison: Windows Login Application Version 1 vs Version 2.0
Windows Login application Version 2.0 introduces significant improvements over Version 1 in terms of performance, scalability, deployment, and session management.
Key Differences
Feature | Version 1 | Version 2.0 |
Deployment Capabilities | Cloud Based | Cloud Based, On Prem Deployment and Hybrid |
Authentication Mode | Primarily online | Supports both online and offline authentication |
Performance | Standard login and app launch times | Optimized login and faster post-login application launches |
User Switching | Standard Switching (2-3 seconds) | Fast user switching (3x faster switching) |
Session Management | Basic session tracking | Structured session hierarchy (Device, Terminal, User, Application) |
Application Launch | Manual or limited automation | Supports automatic post-login application launches |
Deployment | Manual installation | Supports silent install, script-based install, and MDM deployment |
Device Pairing | File based Auto-pairing | Supports Direct pairing (Auto-pairing from unified installer file and MDM) |
Installer | Separate or basic installer | Unified installer (Windows Authenticator) |
Logging | Limited logging | Enhanced logging for troubleshooting and monitoring |
Scalability | Suitable for smaller setups | Designed for enterprise-scale deployments |