Citadel Workstation
Login to your OS with strong MFA
Security keys are the strongest form of multifactor authentication to integrate natively with all operating systems. Harness the power of Public Key Infrastructure to deliver an OS login that meets the highest security standards across Windows, Mac, and Linux.
Achieve the strongest form of multifactor authentication supported by every operating system. With security keys tied to a corporate chain of trust, it’s impossible for attackers to steal credentials, move laterally, or escalate privileges. A touch of the security key and a PIN unlocks its private key. Only an unlocked key signs the challenge to be cryptographically verified by the OS’s smart card subsystems. No trusted user, no login.
Authentication management and infrastructure
The way to
manage stronger
OS logins
An app for smooth enrollment
The 0pass App gives an easy enrollment flow for every employee—whether they’re in HR or engineering. The App runs on Mac, Windows, and Linux, tying the key to the account and a corporate chain of trust. Just a few clicks and it’s ready to use.
Integrates with OS subsystems
Your security key will works with the smart card support inherent in Windows, Mac, and Linux to authenticate the user. Using native OS systems means full compatibility across all OS versions; no need maintain additional software for OS logins.
Handles the certificate lifecycle
We do the heavy lifting for certificate issuing, management, and revocation. The 0pass App handles certificate renewals. A security key signed by a trusted certificate authority creates a cryptographic trust between it and the accounts that it unlocks.
Manage users and their security keys
Manage users, their keys, and their access to enroll in different levels of trust. Admins can also configure security options like lockout thresholds for incorrect PIN attempts. Employees can simply plug their key in and get to work.
How trust is established
Your questions, answered.
Why get rid of passwords for OS logins?
Why use native OS support for login instead of an app that handles the login?
What is the connection between YubiKeys and smart card technology?
What happens if a user loses their security key?
How does a YubiKey’s PIN and a password differ?
What if the security key is stolen?
Does Citadel provide audit logging capabilities?
Can the 0pass App (used for enrollment) and system settings be deployed remotely?
Is this cloud hosted or on premises?
Why use Citadel with a security key instead of a phone app for MFA?
Can we use our own certificate authority?