This feature is not enabled by default for all customers. Please contact your HYPR Customer Success manager if you’d like to access this functionality.
With HYPR’s Roaming User feature, users can pair their mobile device once then log into any Windows computer in the domain by scanning a QR code displayed on the login screen. This type of access extends True Passwordless MFA to the following use cases:
- Users who frequently need to log into more than one machine within the same domain
- Users whose organization offers a hotdesk environment where shared workstations are accessible to any employee without assigned seating
- Helpdesk admins who need quick access to their end users’ machines
- Users who need to access “stateless” virtual desktop machines where workstations are wiped to a clean slate (requires additional configuration: see Configuring Stateless VDI Logins below)
Support for Windows 10 virtual desktops is available immediately, with implementation of other third-party VDI vendors such as VMWare and Citrix to follow later
To make the Roaming User functionality available, an Administrator must first enable the feature on the Workstation Settings screen in the HYPR Control Center. Roaming Users is disabled by default.
PAIR AGAIN TO USE THIS FEATURE!
After the Roaming Users feature is activated in the Control Center, users will need to re-register their mobile device with the HYPR Workforce Access application
First, the user must pair a mobile device with any computer in the domain by scanning the QR code presented by the HYPR Workforce Access Client app:
The first paired computer is the user's default computer and won’t have the option to scan a QR code to unlock. The user will need to tap on the computer button in the HYPR Mobile App as usual.
The user can subsequently select the Scan QR Code to Login option on the login screen of any other domain-joined computer which has the HYPR Workforce Access app installed, then simply scan the code with the HYPR Mobile App to access the machine.
Enabling stateless Virtual Desktop Infrastructure (VDI) logins requires some additional configuration of the HYPR Workforce Access client application. There are three ways to achieve this:
Manually add the
Non Persistent Vdi registry key and set the value to 1:
Please refer to the Installation and Configuration page for instructions on how to update the registry as part of a silent installation.
Check the Non persistent VDI box during the installation process:
HYPRNONPERSISTENTVDI=1 parameter to the installation script command:
msiexec.exe /qn /i .\EmployeeAccess.msi HYPRAPPID="WindowsUnlock" HYPRRP="https://my.host.com/rp" HYPRSUPPORT="[email protected]" HYPRHASH="abcdef...fedcba" HYPRTEMPLATE="HYPRUser" HYPRNONPERSISTENTVDI=1
Updated 5 months ago