TickStream.KeyID Winlogon is a Microsoft Windows logon credential provider that allows you to provide 2nd factor authentication to users of workstations and servers. The credential provider captures typing effort when a user logs on using CTRL+ALT+DEL.
The Activity client will run on the following systems with their minimum hardware specifications.
- Microsoft Windows 10 / Server 2016 and later
- Microsoft Visual C++ Redistributable 2019 (installed during setup)
- Download the TickStream.KeyID Winlogon setup package using the link provided to you.
- Run the setup package on the client machine you wish to install it on.
- Accept the licensing agreement. Press the ‘Next’ button to continue.
- Enter the KeyID web service address, license key and cache service TCP port (default 10127). Press the ‘Next’ button to continue.
- Press the Install button.
- Press the Finish button.
The setup package can be installed in an unattended mode suitable for automated deployment or installation from a command prompt. Values should be surrounded with quotations
"" if they contain special characters or spaces. You can specify any setting listed in the next section by prefacing it with a
/. Setting names are not case sensitive. If a setting is not specified and exists already in the registry, the existing setting will be used (upgrades will retain existing settings unless explicitly changed.) If a setting is not specified and does not exist in the registry, a default will be provided.
"TickStream KeyID Winlogon x64 Beta 4.X.X.exe" /VERYSILENT "TickStream KeyID Winlogon x64 Beta 4.X.X.exe" /VERYSILENT /WSURL="https://keyidservices.tickstream.com" /AUTHENTICATION="myauthenticationkey" "TickStream KeyID Winlogon x64 Beta 4.X.X.exe" /VERYSILENT /grantOnError=0 /sendErrors=0
TickStream.KeyID Utility allows you to view authentication history and configure various settings. The utility requires .NET Framework 4.0 (included and installed automatically by the TickStream.KeyID setup package.) To make setting changes you must have local system administrator priveleges.
Clear the log
Click Action menu -> Clear log. You will be prompted to clear the event log. This action clears the windows custom event log 'TickStream KeyID'.
Sort the log
You can sort the log by each information column.
Click File menu -> Settings. You will be prompted to restart the application with elevated priveleges if needed.
|Passive Validation||Collect and evaluate typing behavior but always allow the user access|
|Passive Enrollment||Save profile data after evaluation and continue the login process|
|Grant On Error||Allow access if there is an error communicating with the TickStream.KeyID web service|
|Send Login Failures||Send login failure statistics to the KeyID web service|
|Send Error Reports||Send crash reports to the KeyID web service|
|Windows Password Provider||If checked, disable the Windows password provider|
|Hello Face Provider||If checked, disable the Windows Hello Face provider|
|Hello Biometric Provider||If checked, disable the Windows Hello Biometric provider|
Click Help menu -> About. The current version of the Utility and TickStream.KeyID credential provider library will be provided.
The TickStream.KeyID Winlogon credential provider will now be available when logging into Windows as a sign-in option. The first time you login, type your username and password as you normally would. You will then be prompted to type your password several more times to build your KeyID profile. When the profile is completed your Windows session will start. Your typing behavior will be evaluated on subsequent logins. Your profile will also be reset if your Windows password is changed.
The TickStream.KeyID Winlogon credential provder writes to the windows application event log. The table provides information about the various events that may be raised.
|1000||Error||Unspecified error containing an HRESULT description.|
|1001||Error||Password pre-keyid-authentication failed, there was a system error|
|2000||Warn||Username contains invalid characters.|
|2001||Warn||Error fetching user SID. Username does not exist or cannot connect to domain controller.|
|2002||Warn||Password pre-keyid-authentication failed (wrong password) for user.|
|2003||Warn||KeyID profile authentication FAILURE results for KeyID profile.|
|3000||Info||Password changed since last logon, deleting KeyID profile for user.|
|3001||Info||KeyID profile authentication SUCCESSFUL results for KeyID profile.|
|3002||Info||User requested profile reset.|
|3003||Info||Passive / active enrollment profile was saved.|
Booting into Windows Safe Mode will disable the TickStream.KeyID credential provider (and other 3rd party credential providers) and re-enable the windows password provider for that session.