’s built-in MFA can be used as a secondary layer of authentication for logging into the Kron

for its online features (Approval Management, Geo-Fencing, and Password Manager). 

After these settings were done and a login operation was started on the Kron PAM Mobile Client 

will automatically look for a Registered Token in its Offline Tokens with the name that matched the 

 parameter. If there is a registered token with another name, then it will prompt the user to change the registered token. The user selects yes and the page forwards to the token page for entering a new token. If the token is matched user can log in. The current six-digit value of the Offline Token is validated with the Kron PAM server, login will be successful.

If there’s no Registered Token in the Kron PAM Mobile Client 

and MFA is enabled with the parameter above, registering token also requires a Multi-Factor Authentication. The system will send a one-time password (OTP) user’s phone number. The user will be asked to enter the OTP on 

The Kron PAM Mobile Client  MFA functionality works only with the registered tokens to ensure that the offline tokens are only working in one Kron PAM Mobile Client at a time. 

Exporting and Importing Token

Protecting Tokens with MFA

Geo-Fencing

Two-Factor Authorization

3.7.0 Logging in with LDAP, RADIUS, or TACACS+ Credentials

Logging in to Kron PAM

Registering as a New User

Changing the Interface Language

Logging in with SSH Key

Connecting Kron PAM with SSH/Telnet Proxy

Logging in with Session User via SSH/Telnet Proxy

Logging in Manually via SSH/Telnet Proxy

Logging in with Globalusername via SSH/Telnet Proxy

Logging in with Assigned Credentials via SSH/Telnet Proxy

Connecting with Kron PAM SSH/Telnet Proxy via Web GUI

Connecting to Target Device with IP address for SSH Proxy

Connecting to Devices with Managerial Approval via SSH

Command Filtering for SSH/Telnet Proxy

Admin Message and Kill Session

Kron PAM Session Manager

Connecting to Remote Devices with RDP/VNC Proxy

Accessing Remote Application

Connecting to RDP/VNC Proxy via Kron PAM Desktop Client

Connecting to Devices with Managerial Approval via RDP

Temporarily Disabling RDP Key Logging

Changing RDP Session Settings

Connecting with RDP/VNC Proxy

Connecting to Kron PAM HTTP/HTTPS Proxy via Web Browser

Configuring Kron PAM Desktop Client

HTTP Proxy SSL/TLS Mode

Brute Force Protection

Auto-Login with Two Different Authentication URLs under the Same Web Server

HTTP Auto Login

HTTP/HTTPS Proxy

Connection Reservation

SQL Proxy

SFTP Proxy

Data Access Manager

Check Out Password

Account Permission Types

Password Reservation for Future Dates

Managing Account Groups

Password Vault

Multi-Factor Authentication (MFA)

Checking the Approval Status and Approving Manager of Pending Requests

Managing Approvals

Approval Management for End Users

TACACS+ Access Manager

Sample Configuration for Windows

Sample Configuration for Linux

RADIUS 802.1x Configuration

Kron PAM Secure Remote Access

End User Guide

Setting Up Kron PAM Desktop Client

Changing the Kron PAM Desktop Client Language

Configuring a Server

Using HTTP Proxy in SSL/TLS Mode

Connecting to the Target Device via Kron PAM Desktop Client

Searching Target Devices in the Kron PAM Desktop Client

Adding the HTTP Proxy Certificate to The Trusted Certificate Store

Categorizing Frequently Used Devices

Logging Out

Windows

Ubuntu

Mac OS

Starting Kron PAM Desktop Client from Command Line

Windows Authentication Feature on Kron PAM Desktop Client

SAML Integration on Kron PAM Desktop Client

Detailed Log Mode for Kron PAM Desktop Client

Desktop Client User Guide

Enabling and Disabling Pin Code

Logging in with Kron PAM User

Getting Started with Kron PAM Mobile Client Application

Offline Token

Two-Factor Authentication

Approval Management

Password Management

Mobile Client Application User Guide