Hi everyone! We are happy to announce that Duo for Microsoft RDP/Windows Logon 4.0.1 featuring offline access has been released. You can head straight to the documentation page for the new installer and setup instructions for offline access.

Here are the details:

• Duo for Microsoft RDP/Windows Logon now supports local offline authentication with Duo Mobile Passcodes and Security Keys (such as YubiKeys).
  • Duo Administrators can enable and configure Windows Offline Access settings on the properties page of their RDP/Windows Logon application in the Duo Admin Panel.
  • The following options may be configured for Offline Access:
    • Limit offline access to certain Duo Groups.
    • Prevent offline login after either a set number of offline logins are completed or after a set time period offline.
    • Allowed offline authentication methods: Duo Mobile Passcode, Security Key, or both.
      
      
• Offline authentications completed with a Duo Mobile Passcode or Security Key are reported in the Authentication Log the next time the user completes an online authentication.
• See the list at the bottom of these notes for bug fixes bundled with this release.
• Check out offline access in action in this video.

This new version also features bug fixes:

• The UsernameFormatForService setting now respects GPO.
• The password field for Windows Logon is now cleared after entering an incorrect password.
• White space has been removed from registry configuration values to reduce errors when installing Windows Logon.
• The Windows Logon log now indicates when Duo for Microsoft RDP/Windows Logon is disabled due to a “prompt for RDP only” configuration.
• Only Administrative accounts have access to local log files for the integration.
• When using a “prompt for RDP only” configuration, the application now uses the correct registry key to determine whether a session is remote.