Abstract: Mobile push user authentication for native client based logon is described. In one method, an authentication server receives from a user interface at a native client a password for native-client based logon to a remote server. The method determines whether a portion of the password includes a one-time password (OTP). When the password includes an OTP, the method validates the remaining portion of the password as a first authentication factor, and validates the OTP as a second authentication factor. When the password does not include an OTP, the method sends a mobile push notification to a registered device, validates the password as the first authentication factor, receives a response to the mobile push notification, and validates the response to the mobile push notification as the second authentication factor. The native-client based logon is authorized when the first authentication factor and the second authentication factor are validated.

Abstract: A method for managing offline authentication. The method may include 1) identifying an attempt, by a user, to access a client device, wherein accessing the client device requires the user to be authenticated, 2) determining whether the client device is offline, 3) in response to determining that the client device is offline, authenticating the user using offline authentication, wherein offline authentication does not require an active network connection with a remote authentication service, 4) upon successful authentication of the user using offline authentication, allowing the user to access the client device, 5) monitoring the network-connection state of the client device, 6) detecting that the client device is online, and then 7) in response to detecting that the client device is online, locking the client device in order to require the user to reauthenticate using online authentication, wherein online authentication requires the active network connection with the remote authentication service.