Home
Contents
CLOSE
AuthLite Interactive Documentation
Quick Start: Install and protect Domain Admins AuthLite Features Supported Tokens Installation and Upgrading Configuration Token Management How to Log In Troubleshooting
CLOSE

Beginning with version 2.2, you can create “offline” OATH tokens that will be synchronized down to your workstations when the user logs in to the LAN.  The offline OATH token can then be used to authenticate to the workstation in cached mode, when it is away from the LAN. (Normal “Online” OATH tokens cannot be used in this way, because it's not possible to authenticate them without having a connection to the DC.)

Limitations

  • Offline OATH tokens will NOT work when the machine is connected to the LAN.
  • You cannot use an Offline token to access any LAN resources that demand 2-factor authentication.  Unlike with a YubiKey, the offline token does not support both scenarios.  You need to have a separate row for your Offline OATH token in the authenticator app, and only use it when disconnected from the LAN.
  • If you log in to an offline workstation with your Offline OATH token, then connect a VPN, you'll need the Online OATH token for the VPN.  Furthermore, LAN resources that require 2-factor auth won't work because the desktop itself has used the Offline token.  For use cases like this, the YubiKey is a far better choice.