HID® DigitalPersona®

Advanced multi-factor authentication solution for workforce

Multi-Factor Authentication Software

HID DigitalPersona is an industry-leading, multi-factor authentication (MFA) solution that provides passwordless desktop authentication that is easy to deploy, adopt and manage, enabling rapid and secure log-in to Windows, networks and applications via biometrics, mobile devices, physical access badges, smart cards and security keys. Combining security and usability, HID DigitalPersona employs one of the widest arrays of authentication methods and form factors in the industry, enabling a Zero Trust security approach that evolves with security standards, technologies and industry regulations.

Enterprise users can quickly and securely log into their Windows workstations as well as gain access to corporate virtual private networks (VPN) and any federated or non-federated web, legacy or cloud applications, such as Microsoft 365, Salesforce, Citrix applications and more. Consumers can seamlessly confirm their identity and authenticate transactions.

The HID DigitalPersona software:

  • Is an advanced MFA solution for logging onto the Windows OS, including passwordless authentication and the ability to combine up to three factors to suit your organization’s security needs
  • Supports the widest range of form factors in the industry including security keys, smart cards, physical access cards, Bluetooth® devices, hardware and software tokens, passkeys, etc.
  • Perfectly suits a wide range of enterprises, such as financial services, healthcare, manufacturing, retail, call centers, law enforcement — or when multiple users need to easily and securely share the same workstation and the same Windows session
  • Deploys on Windows Active Directory, Azure Active Directory or LDS (Lightweight Directory Services) server. Utilizes the Windows built-in tools for user management in Active Directory and policy deployment via GPO (Group Policy Object).
  • Allows for app integration using the OpenID Connect, WS-Fed or SAML2P protocols
  • Has a user-friendly interface for easy self-enrollment of credentials and authentication policy enforcement
  • Offers a password manager feature which securely stores users’ log-on credentials to various resources — such as non-federated websites, Windows applications (Skype, Thunderbird, custom police apps), terminal emulators (VT100) — and then releases them as needed upon user authentication. For highest security, can optionally randomize passwords for accessing those resources.
  • Supports FIDO2-certified authentication devices, such as HID Crescendo® smart cards and security keys (USB-A, USB-C and NFC) as well as third-party authenticators
  • Enables MFA for VPN, RDP Gateway, etc. where RADIUS is used for authentication
  • Creates DP reports. DigitalPersona helps to meet compliance requirements by leveraging Microsoft events forwarding to collect security events and utilizing MS Power BI for reporting.
  • Includes DigitalPersona ADFS extension to enable the addition of multi-factor authentication to your ADFS deployment — including biometric authentication, such as face and fingerprint

Start a free DigitalPersona trial >>

Authentication Factors

Multi-Factor Authentication for Windows Logon:

  • Something you KNOW — Windows password or PIN as user knowledge authenticators
  • Something you ARE — Fingerprint or face recognition biometrics as user inherent authenticators
  • Something you HAVE — One-time password (OTP) tokens; smart credentials (smart cards and security keys, such as HID Crescendo) with support for FIDO2, PKI, OATH; PACS credentials (contactless cards, contactless writable cards, mobile IDs); Bluetooth® Low Energy and NFC devices as user possession authenticators

Technical Specifications:

  • Client Software Operating Systems — Windows 11, Windows 10, Windows 8.1 (desktop mode), Windows Server 2016, 2019, 2022
  • Server Software Operating System — Windows Server 2022, 2019, 2016 and 2012 R2
  • VDI (Virtual Desktop Infrastructure) — RDP, ICA (Citrix), VMware Horizon, VMware Blast. NOTE: USB virtualization and authenticator protocols vary by VDI product.
