How to enable passwordless authentication over RDP for RSA MFA Agent For Microsoft Windows 2.3.6 and higher
Originally Published: 2025-09-01
Article Number
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: MFA Agent For Microsoft Windows
RSA Version/Condition: 2.3.6 or above
Issue
Passwordless authentication is not directly supported for RDP in the same way as local logon.
Resolution
For RDP to work with passwordless authentication:
- The source machine (from which the RDP session is initiated) must be RSA passwordless-enabled. Authentication happens locally on the source machine first. Once successful, a smart card logon certificate for the authenticated user is shared with the destination machine.
- The destination machine must have the Smart Card Credential Provider enabled (not filtered out) so that the incoming certificate can be used for authentication.
- The destination machine (to which the RDP session is sent) must either:
- Have the same user account present locally, or
- Be in the same ecosystem/tenant so that Windows can validate the shared Smart Card logon certificate.
Related Articles
Revoke User’s Agent Passwordless Login Certificate in the Cloud Administration Console Number of Views What are the services and processes running on the Enterprise Manager Enterprise Coordinator and Remote Site Coordinator … Number of Views Access Policy 2.0: Easily Rollout Passwordless to the Masses Number of Views Amazon Web Services Identity Router Deployment Requirements Number of Views AM 7.1- can the isMemberOf attribute in SunOne DS 6.X be used in an identity source mapping filter Number of Views
Trending Articles
How to recover the Application and AFX after an unexpected database failure in RSA Identity Governance & Lifecycle RSA SecurID Software Token 5.0.2 for Windows Desktop displays message after reboot due to roaming profile: No token stor… RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Downloading RSA Authentication Manager license files or RSA Software token seed records RSA Release Notes for RSA Authentication Manager 8.8
Don't see what you're looking for?
