Credenti Tap for Windows

Passwordless Login for Windows That Just Works

Tap a badge. Unlock with a phone. No usernames. No passwords. Finally, secure Windows login made effortless — even offline or in shared mode.

Get Started



Passwordless Login for Every Role

Collage showing diverse frontline workers including a police officer, doctor, retail worker, firefighter, scientist, factory worker, hotel receptionist, and fast-food employee — representing various industries served by Credenti’s passwordless login solutions.

Locking Down Auto-Login & Shared Accounts Vulnerabilities

Some Windows systems are configured with auto-login accounts — launching the desktop without requiring any user authentication after a reboot. This introduces major security and auditability gaps: there's no reliable way to track who accessed the system, when, or under what identity.

Credenti Tap solves this: it leverages the autologon account to boot into the Windows session, but immediately locks the screen and holds access until a registered user taps their badge to authenticate.

Eliminates shared credentials and generic passwords — each login is tied to a verified individual via badge or mobile identity

Preserves the speed of autologin without sacrificing accountability

Enforces identity verification before granting access

Enables audit logs tied to individual users

Solving Windows Login & MFA Gaps

Credenti Tap brings true passwordless security and convenience to every Windows environment.

The Identity Provider Challenge

❌

MFA not enforced natively at Windows lock or login screens

❌

Shared device and kiosk mode support is limited or insecure

❌

Offline access often breaks identity workflows

❌

No SSO for disconnected app on macOS

❌

No badge tap as a MFA factor in IDP

How Credenti Tap Fixes It

MFA at the Windows login and unlock screens

Supports secure session switching with badge tap

Supports badge tap as a factor in IDP like Okta

Fully functional offline login with local validation

SSO for disconnected apps

Authentication Options

Supports fallback authentication factors like PIN, TOTP, and security questions in case a badge is forgotten or unavailable

Access Windows machines with your smartphone using passkeys, biometrics, or Bluetooth proximity detection

PIN or password can be configured via policy as an optional second factor after badge tap

Configurable grace periods allow users to skip re-entering 2FA for a defined time window after recent verification

Supports SentryCard for unified physical and logical access. Learn about SentryCard integration →

Supports a wide variety of secure RFID cards and readers. View supported hardware →

Platform Compatibility & Admin Features

Supports local user provisioning for knowledge workers — admins don’t need to manually set up profiles on every machine

Compatible with NetMotion Mobility VPN (now Absolute Secure Access) — critical for uninterrupted access in patrol vehicles and public safety deployments

Allows multiple card enrollments per user — enforceable via policy

Supports self-service badge enrollment for faster onboarding

Easy badge management for admins. Explore admin delegation →

Bulk enrollment and unenrollment of badges. See badge management tools →

Policy-based switching between generic or user-specific profiles on shared devices

Single badge enrollment supports both standard and privileged/admin account access

Supports identity platforms including Okta, Entra ID (Azure AD), and CyberArk

Supports Windows 10, 11, and Server editions

Works on desktops, laptops, tablets, and virtual machines

Compatible with HID and all PC/SC-compliant readers

Integrated with Microsoft Active Directory and Entra ID (Azure AD)

FAQs

Frequently Asked Questions

Can I use a badge to log into Windows?

Yes. Tap your RFID badge on a supported reader to securely log in — no password needed.

View full hardware compatibility

Does it work on shared and multi-user systems?

Yes. Users can switch sessions or take over machines securely via badge tap.

What happens if the device is offline?

Users can still authenticate using their enrolled badge credentials.

Can I log in without a badge?

Yes. The Credenti Now mobile app supports proximity unlock and passkey login.

Is this integrated with Active Directory?

Yes. Credenti Tap integrates with on-prem AD and Microsoft Entra ID (Azure AD).

Can I use badge tap as an MFA factor in Okta?

Yes. You can use badge tap as a MFA factor in Okta login flows and dashboards.

Can I use badge tap as an MFA factor in Entra?

You can use badge tap as a external MFA factor in Entra login flows.

Can I lock or sign out of a machine using badge tap?

Yes. If the machine is already unlocked, a second badge tap can lock the session or sign the user out, depending on policy configuration.

What if a user forgets their badge?

A temporary badge can be issued and enrolled. Users can also use fallback factors like their phone or any MFA methods supported by the identity provider (e.g., Okta, Entra ID).

Can one badge tap control multiple machines?

Yes. With a single badge tap, users can sign in, lock, or unlock all machines in the cluster simultaneously — ideal for trading floors, police control rooms, call centers, and surveillance stations.

Learn more →

‍

Can users log in if the machine is not joined to a domain?

Yes. Credenti Tap supports login on non-domain-joined Windows machines, making it ideal for workgroup devices, standalone systems, or machines outside traditional IT control.

Ready to Secure Windows Logins the Modern Way?

Passwordless access. Seamless experience. Built for enterprise Windows environments.