A user can be bypassed for several reasons. In this article, we collected the most common causes of users getting bypassed during Two-Factor Authentication.
User’s Device Is Trusted
Administrators can allow users to remember their devices. If a user decides they want Rublon to remember their device, they can check the checkbox on the Rublon Prompt, and every consecutive login will skip the second authentication factor.
Administrators can change the duration of remembered devices in each policy in the Rublon Admin Console.
READ MORE: Trusted Devices
User Status Is Set to Bypass
An administrator can set a user’s status to Bypass in the Rublon Admin Console.
To set a user’s status to Bypass:
Sign in to the Rublon Admin Console.
Select the Users tab.
Click the username of the user you would like to edit.
Set Status to Bypass and click Save.
A bypassed user will not have to undergo Two-Factor Authentication.
Enrollment Type Is Set To Manual Bypass
If your Enrollment Type is set to Manual and Handling of unknown users is set to Bypass, then any unknown user who has not been manually added to the Users tab by an administrator will be automatically added to the Users tab with a Bypass status. Therefore, the user will be bypassed.
The Manual Bypass Enrollment Type is quite useful when you’re deploying Rublon on a new server and don’t want MFA to be triggered for users who have not been informed about the MFA deployment. However, we recommend you set Handling of unknown users to Deny for better security.
You can change your Enrollment Type settings in the Settings tab in the Rublon Admin Console.
User Is Bypassed Due to Authorized Networks Policy
Authorized Networks allows you to enable bypassing MFA for specific IP addresses, IP ranges, or CIDRs.
If the user who tries to log in to an application has an IP address within the range specified in the Authorized Networks policy, then the user will be bypassed.
You can create a new Custom Policy or edit the Global Policy. Authorized Networks is one of the options you can change in each policy.
Rublon Trial Has Ended
After 30 days Rublon Trial switches to Rublon Free. Only one user can be protected with the Rublon Free subscription plan. All other users are bypassed.
READ MORE: What happens after my Rublon Trial ends?
User Is Bypassed Due to Group Settings
If a user with status Active belongs to a group whose status is Bypass, then the user will be bypassed.
READ MORE: Rublon Admin Console - Groups
Rublon Servers Become Unavailable
Rublon connectors allow administrators to decide what happens when Rublon servers become unavailable (e.g., the user is offline). This option is most often called Fail Mode and can be set to Bypass or Deny.
If Fail Mode is set to Bypass, all users will be bypassed when the Rublon server becomes unavailable.
Rublon For Windows Logon & RDP Bypass Causes
The following bypass causes only apply to the Rublon for Windows Logon & RDP connector.
User Is Offline
If the user tries to log in while offline, they will be bypassed if the offlineBypass option in Windows Registry is set to 1.
Rublon Is Disabled On Selected Machine
If the disableRublon.reg file was run on a machine, then Rublon will not perform 2FA on that machine.
To enable Rublon 2FA again, run C:\Program Files\Rublon\Logon\enableRublon.reg with administrator rights.