Platform: Microsoft Windows
Estimated Completion Time: 10m +
This article will explain how to utilize Two-Factor authentication when connecting to a remote Windows Server by using the Remote Desktop Connection application.
Before Starting this Tutorial – You must first setup Two-Factor Authentication by logging into Unity and following this tutorial: How to Setup Two-Factor Authentication through Unity
First we need to locate the Remote Desktop Connection application. This is usually found in the Start Menu, but can also be found at All Programs – Accessories.
The Application will start and you will be taken to the Quick Connect screen. If you click the Options button at the bottom left corner of the window you will be presented with options that will allow you to customize your experience.
Enter in the IP Address or Host Name of the remote server, and the Username you will authenticate with.
Click on the Display tab to optionally choose a smaller screen size for the connection. This is recommended over the default full-screen setting which can cause confusion between your local and remote desktops.
When you press Connect you will need to enter in the Password for the user.
Most servers do not have a security certificate by default. You can safely ignore this warning by clicking Yes.
You are now connected to the Remote Desktop. If Two-Factor is activated, you will need to provide a Two-Factor verification code in the Duo passcode field. First, You must specify which Two-Factor method to perform in the field by entering one of the following codes:
Perform Duo Push authentication
You can use Duo Push if you’ve installed Duo Mobile and added your account to it.
|phone||Perform phone callback authentication|
|sms||Send a new batch of SMS passcodes. Use any one of the passcodes provided to proceed.|
You can also place a number after the method name if you have more than one device linked to your account. In the example below, we submitted SMS2 to have the second registered device receive SMS passcodes. Enter the Method you want to use and click the Arrow Button
If you chose the phone or push method, you will be directed to an Authentication holding screen until verification is complete and you will be successfully logged in.
If you chose the SMS method, you will be directed to a screen confirmation screen that states “New SMS passcodes sent”. Click Ok.
You will be brought back to the RDP login page. Enter the Two-Factor Passcode you received from your SMS text message and click the Arrow Button to complete the login process.
You can obtain Bypass codes from Unity that will allow you to bypass the Push, Phone, or SMS method during Remote Desktop login. Go to https://unity.serverintellect.com and type in your Username and Password and click Login. Navigate down the sidebar to Services>Servers. Select the server you would like to recieve the bypass codes for and then go to the Security tab followed by the Two-Factor tab. You can retrieve a bypass code for the Username/ RDP login username you are attempting to login to by clicking Get Bypass Code.
If you have Two-Factor in Bypass Mode and attempt to login through RDP, you will still need to submit something into the “Duo Passcode” field for a successful login. Since Two-Factor is in Bypass mode and no longer Active, you can type in anything you like and it will accept it as a Duo Passcode.