DUSKWatch EZ 2FA provides strong two-factor authentication to control users’ identities and to ensure secure access to digital assets and web services with easier means of authenticating. Not relying on any complex public key infrastructure, DUSKWatch EZ provides directory-based permissions to access the organization’s data.

Implementing high-assurance strong authentication to substantially reduce the risk from password breaches prevents criminals from easily being able to use compromised credentials. Ease of use and ease of integration to existing systems to quickly comply with modern industry security standards.

Protect Accesses To Privileged Account

One of privileged identity management best practices is to add strong authentication to privileged administrator accounts with standing access to sensitive data or access to critical configuration settings. DUSKWatch EZ 2FA makes it harder for attackers to access critical accounts that act as a gateway to the organization’s most valuable assets, and even its entire IT infrastructure.

DUSKWatch EZ 2FA not only protects accesses to administrator accounts running on workstations but also on servers.

Security For On-Premises et Hybrid Deployment Models

Whether your network environment comprises workstations running Windows 7 and later that still relies on Windows Server 2008 or later, DUSKWatch EZ 2FA is a simple and flexible solution for adding a second authentication factor to reduce unnecessary risks.

Based on public key cryptography, DUSKWatch EZ 2FA offers an easy-to-deploy security for on-premises and hybrid networks. When coupled with FIDO dongles, the solution also provides interoperable authentication for online services.

Easy access management for the following network models:

  • On-premises
  • VPN
  • Remote Desktop
  • Hybrid: AD FS, Sync, Office 365 SSO
  • FIDO Web Services

More Reliable Than Third Party Multi-Factor Authentication

Why not authenticate using biometrics, OTP tokens or out-of-band authentication methods such as push, SMS, Text or voice messages? First because DUSKWatch EZ 2FA is more reliable: if biometric is compromised, it is not reversible, not to mention that fingerprints are easily copied because left everywhere. Less expensive and more operable than OTP tokens that do not work offline, and last and not least, more secure than out-of-band SMS according to NIST Special Publication 800-63B.

This position is also supported by the European Union Agency for Network and Information Security. Click here to read the CERT-EU white paper on authentication methods.

Click here to read the NIST Special Publication 800-63B.

Cloud Single Sign On (SSO)

Safely connect to On-Premises networks and automatically benefit from SSO capabilities when switching to Cloud environment. Ideal solution for hybrid deployment.

Token Form-Factors

DUSK-EZ Card Token remains a sound choice because all cryptographic operations are performed directly on the chip.

DUSK-EZ Hybrid combines the high-level security of a microprocessor with the flexibility of a USB connection to eliminate the need for card readers.

FIDO Dongle: Any third-party FIDO-enabled device can be used by the solution.

Administrator Management

The DUSKWatch Manager is an administrator tool used for token and dongle management. It provides a device inventory list, log records of token connection activities as well as easy token revocation.


  • Public key cryptography
  • Cost-efficient security
  • Easy to use and to integrate
  • Raise trust and deter criminals
  • Reduce password breaches
  • GDPR compliance
  • Phishing-resistant
  • Strong authentication for workstations and servers
  • Scheduled for early 2019
Brochure Brochure