Authenticator app / TOTP
Google Authenticator, Microsoft Authenticator, Authy — any RFC 6238 app. Scan the QR and you're done.
2FA · SECOND LOGIN LAYER
A second lock on your PC, after logon.
A leaked password, scribbled on a sticky note or shared between coworkers isn't enough to get in anymore. Logon Guard requires a second factor before releasing the desktop. Installs in 5 minutes, no special hardware.
// try it
See TOTP working — right now, in your browser
We generate a test RFC 6238 secret just for this tab, here on the client. Pair it in your authenticator app and validate the code — the same algorithm as the app, no server and no sign-up.
1 · Pair
↗ Open in phone app
Add this secret to Google Authenticator, Authy or Microsoft Authenticator — by manual entry, or tap to open on your phone.
··· ··· ···
2 · Validate
Enter the 6-digit code the app shows for this secret.
0
independent factors
<5min
to set up
0
extra hardware
0%
offline after activation
// the thesis
A password, anyone can guess. A second factor, they can't.
[ 01 ]
Three ways to prove it's you
Pick one or combine them. Backup codes make sure you're never locked out.
Authorized USB drive
An ordinary USB drive becomes a physical key. Plug it in, unlocked. Paranoid mode binds it to the drive's hardware.
Backup codes
One-time codes for when you lose your phone or forget the USB drive. Your safety net.
Windows Home and Pro
Runs on any Windows 10/11 edition. No domain, no server, no corporate license.
Multi-monitor
The lock screen covers every monitor and reappears after the native unlock (Win+L).
Setup in minutes
A 6-step wizard. Installs, configures the factors and starts automatically at each logon.
[ 02 ]
Ready in three steps
01
Download and install
Lightweight installer for Windows 64-bit. In your user profile, no admin privileges.
02
Configure the factors
The wizard guides you: scan the QR, pair the USB drive and save the backup codes.
03
Work armed
At every logon or unlock, the Logon Guard screen asks for the second factor. That simple.
[ 03 ]
The interface, up close
Real screenshots of the app. Click to enlarge. App UI shown in Portuguese — English localization is on the roadmap.
Guided setupA 6-step wizard takes you from zero to protected in a few minutes.
[ 04 ]
Serious cryptography, data on your PC
No passwords in spreadsheets or secrets flying around. The standards are the same the industry uses.
DPAPI · CurrentUser
Secrets protected on the device
Config encrypted by Windows DPAPI. Secrets never leave the machine.
RFC 6238 · anti-replay
Industry-standard TOTP
The same algorithm banks and big services use. Each code is valid only once.
Ed25519
Licenses signed with elliptic curve
License certificates with a digital signature — impossible to forge without the server key.
Argon2id
Backup with resistant hashing
Recovery codes never in plain text — only the brute-force-resistant hash.
[ 05 ]
Where Logon Guard fits
Enterprise protection is expensive and needs infrastructure. Having nothing is a risk. There's a middle ground.
| Password only | Logon Guard | Enterprise suite | |
|---|---|---|---|
| Second factor after logon | —no | YES | YES |
| Works on Windows Home | YES | YES | —no |
| No AD domain / Microsoft 365 | YES | YES | —no |
| No mandatory FIDO2 hardware | YES | YES | —no |
| Deploys in minutes | YES | YES | —no |
[ 06 ]
Download Logon Guard
For Windows 10 and 11 (64-bit). Version 0.1.0. The 7-day trial starts on first run.
.EXErecommended
Installer
Installs and sets up auto-update. Most people should pick this one.
↓ Download installer.ZIP
Portable version
No-install package, to test or run from a folder. No auto-update.
↓ Download portableDid Windows show a SmartScreen warning?
On new installers, Windows may show "Windows protected your PC". It's expected while the app builds reputation on SmartScreen. Click More info → Run anyway. For your safety, always download from the official GitHub repository — every release stays public there, open for inspection.
[ 07 ]
Frequently asked questions
Does this replace my Windows password?
No. Logon Guard adds a layer after logon. Whoever has the password gets into Windows, but stays stuck on our screen until they present the second factor.
What if I lose my phone and USB drive?
That's what the one-time backup codes generated during setup are for. Keep them somewhere safe — they unlock access.
Do I need internet all the time?
No. License activation is online once; after that the app works offline. The license is perpetual — it never expires or needs to re-validate.
Does it work without admin rights?
Yes. It installs in your user profile and starts via a scheduled task at logon, with no elevation.
How does the per-company license work?
You buy a batch of keys; each key activates 1 PC. A seat can be released and reused on another machine when a computer is replaced.
// ready?
Close that gap today.
Install it on one machine and watch the lock screen in action in under five minutes.
Arm my PC — free for 7 days