How to enable passwordless authentication over RDP for RSA MFA Agent For Microsoft Windows 2.3.6 and higher
Originally Published: 2025-09-01
Article Number
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: MFA Agent For Microsoft Windows
RSA Version/Condition: 2.3.6 or above
Issue
Passwordless authentication is not directly supported for RDP in the same way as local logon.
Resolution
For RDP to work with passwordless authentication:
- The source machine (from which the RDP session is initiated) must be RSA passwordless-enabled. Authentication happens locally on the source machine first. Once successful, a smart card logon certificate for the authenticated user is shared with the destination machine.
- The destination machine must have the Smart Card Credential Provider enabled (not filtered out) so that the incoming certificate can be used for authentication.
- The destination machine (to which the RDP session is sent) must either:
- Have the same user account present locally, or
- Be in the same ecosystem/tenant so that Windows can validate the shared Smart Card logon certificate.
Related Articles
What are the services and processes running on the Enterprise Manager Enterprise Coordinator and Remote Site Coordinator … Number of Views Revoke User’s Agent Passwordless Login Certificate in the Cloud Administration Console Number of Views How to enable Active Directory diagnostic event logging. Number of Views Access Policy 2.0: Easily Rollout Passwordless to the Masses Number of Views AM 7.1- can the isMemberOf attribute in SunOne DS 6.X be used in an identity source mapping filter Number of Views
Trending Articles
Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third …
Don't see what you're looking for?
