Idenprotect for Windows is a passwordless authentication solution for Windows desktops, servers, and virtual desktop infrastructure (VDI). It replaces traditional passwords, Windows Hello, and smart cards by acting as a custom Windows credential provider that delegates authentication to the Idenprotect Passport mobile application. Authentication Flow: When a user attempts to log in, the credential provider sends a push notification to the user's enrolled mobile device. The user verifies their identity using the device's built-in biometrics (fingerprint or facial recognition). Confirmation is relayed back to the Windows client, granting access. For offline scenarios, a time-based one-time passcode (OTP) generated within the Idenprotect Passport app is used instead. Key Capabilities: - Passwordless login for Windows 10, Windows 11, Windows Server 2016/2019/2022 - VDI and RDP session authentication - Privileged "Log On As" access with audit trail - Offline authentication via TOTP - Out-of-band authentication using a separate mobile device - Centralized web-based management console for user enrollment, policy management, and access monitoring - PKI-based encryption for all authentication data in transit - SIEM log export and RESTful API integration - Compatible with Active Directory and LDAP-based directory services - Supports cloud-based or on-premises deployment - Aligns with NIST SP-800 and PCI DSS v4.0 compliance standards - Mobile app supports iOS 13+ and Android 7.0+