ManageEngine ADSelfService Plus Adds Two-Factor Authentication Support for Windows Logons

the real-time IT management company, today announced that it is rolling
out two-factor authentication (TFA) support for Windows logons in ADSelfService
Plus, its integrated Active Directory self-service password
management and single sign-on solution. With this support, ADSelfService
Plus enables organizations to add an extra layer of protection for
critical resources that are accessed by users through Windows-based
machines. ADSelfService Plus seamlessly integrates with Windows client
(Vista and above) and server (2008 and above) operating systems to
provide users a simple and secure logon experience across both local and
remote desktop logons.

Most organizations enforce complex passwords as a common defense against
cyberattacks. However, complex passwords are hard to remember, so many
employees resort to insecure practices like writing passwords down or
storing them in plaintext. Even if an organization properly implements
complex passwords, it may still not be enough to stay ahead of the
evolution of password cracking programs. According to a recent Forrester
reporti, almost one third of security breaches are caused
by stolen passwords. Knowing the risks associated with passwords, IT
compliance laws such as PCI
DSS have explicitly prohibited the use of passwords as the only
authentication mechanism.

Mitigating Poor Password Behavior with TFA

TFA ensures that users are authenticated twice — once through a password
and again through a fingerprint or an OTP sent to a smartphone — before
being granted access to valuable corporate resources.

“With better security mechanisms like TFA available, there’s no reason
for organizations to verify users’ identities using passwords alone. TFA
creates a two-layered mechanism that is almost impossible for an
attacker to bypass,” said Parthiban Paramasivam, product manager at
ManageEngine. “Now that we’ve broken ground on TFA for Windows logons,
we’re also working on adding contextual authentication that factors in a
user’s geolocation, IP address, local time, and device, all to further
enhance IT security.”

Highlights of ADSelfService Plus TFA for Windows Logons

ADSelfService Plus comes with a built-in logon agent for Windows, which
forces users to undergo TFA during both local and remote desktop logons.
Users have to first enter their Active Directory domain password and
then authenticate themselves using one of the supported second factors.

Pricing and Availability

Pricing for ADSelfService Plus with TFA for Windows starts at $1,195. A
fully functional, 30-day trial version is also available for download at

ADSelfService Plus is free for up to 50 users. The Free edition supports
all the features of the Professional edition, including Windows TFA,
single sign-on, and password self-service, and can be downloaded at

About ADSelfService Plus

ADSelfService Plus is an integrated Active Directory self-service
password management and single sign-on solution. It offers password
self-service, password expiration reminders, a self-service directory
updater, a multiplatform password synchronizer, and single sign-on for
cloud applications. Use the ADSelfService Plus Android and iPhone mobile
apps to facilitate self-service for end users anywhere at any time.
ADSelfService Plus supports the IT help desk by reducing password reset
tickets and spares end users the frustration caused by computer
downtime. For more information, please visit

About ManageEngine

ManageEngine is bringing IT together for IT teams that need to deliver
real-time services and support. Worldwide, established and emerging
enterprises — including more than 60 percent of the Fortune 500 — rely
on our real-time
IT management tools to ensure tight business-IT alignment and
optimal performance of their IT infrastructure, including networks,
servers, applications, desktops and more. ManageEngine is a division of Zoho
Corporation with offices worldwide, including the United States, the
Netherlands, India, Singapore, Japan and China. For more information,
please visit;
follow the company blog at
and on LinkedIn at,
Facebook at
and Twitter @ManageEngine.

ManageEngine is a trademark of Zoho Corporation. All other brand names
and product names are trademarks or registered trademarks of their
respective companies.

Tags: ManageEngine, real-time IT, Zoho, Active Directory, password
management, single sign-on, two-factor authentication, TFA, Windows,
cybersecurity, PCI DSS, GDPR, help desk, IT management

i Best Practices: Selecting, Deploying, And Managing
Enterprise Password Managers; Forrester Research, Inc.; By Merritt
Maxim, Andras Cser with Stephanie Balaouras, Salvatore Schiano, Madeline
Cyr, Peggy Dostie; January 8, 2018

View source version on

Leave a Comment