Multi-factor authentication to Microsoft RDP (Remote Desktop)

Secure login (MFA/2FA) to Remote Desktop Protocol
Learn more

Passwordless login with the ProID Mobile app

Secure Remote Desktop Administrator Logon

The Microsoft Remote Desktop Protocol (RDP) allows both administrators and users to remotely access remote computers or servers. RDP is used as a remote access or Remote Desktop Services technology.

It is important to maintain strict security measures for these operations to minimize the risk of unauthorized access to connected devices. Our solution complements the regular login to RDP with another factor – secure two-factor authentication using the ProID Mobile mobile method.

ProID and Remote Desktop Protocol integration

  • RDP connection in ProID Mobile is handled through the Remote Desktop Gateway (RD Gateway), which is part of  Remote  Desktop Services (RDS)
  • ProID Mobile supports RADIUS authentication using a SW token
  • Only the push method is supported as a user authentication method for RDG
  • Remote Desktop Services supports RADIUS authentication
  • Authentication levels:- Network Policy Server (NPS) acts as the first factor- ProID Mobile as the second factor (Radius proxy)
  • It is possible to install as a SaaS (cloud service) or on-premise on servers inside the organization


  • User identities originating from the customer’s Azure Active Directory (AAD) – AAD ProID trust
  • Install ProID RADIUS Proxy (communication with RADIUS-Cloud application) – Existing Windows Server can be used
  • Remote Desktop Services (RD Gateway)

Multi-factor authentication to Microsoft Remote Desktop Services via Radius Gateway

How it works:

  • The TS Gateway server acts as an intermediary between the client device (external to the domain) and the internal computers in the domain.
  • When a user initiates an RDP connection to an internal computer, RDP traffic is encapsulated in an SSL-encrypted tunnel and sent to the TS Gateway server.
  • TS Gateway uses Network Policy Server (NPS) to authenticate the user and their permissions to access the requested internal computer.
  • After authentication and authorization, the TS Gateway server forwards the RDP traffic to the appropriate internal machine in the domain and allows the RDP session to be established.

Using the ProID Mobile app for secure login

Latest integrations

…and many others

Are you interested in our solution? Contact us

    [honeypot honeypot-453]

    By filling in the form you agree to the processing of your personal data.