Jamf Unlock is an extension of the Jamf Connect product that allows users to use certificate-based authentication powered by cloud identity to unlock a Mac, using Face ID, Touch ID or a rotating Pin on their iPhone. The users complete a setup process to create or generate identity credentials on their iOS device, which is then used to pair and establish trust with a Mac.
Jamf Unlock leverages Apple’s Mulitpeer Connectivity, CryptoTokenKit, and Core Bluetooth frameworks to perform wireless certificate-based authentication between a user’s mobile device and their Mac. Then the certificate for the iOS device is stored on the Secure Enclave to ensure the authentication to their cloud identity provider is secured.
Once the setup is complete users can use Jamf Unlock as an alternate authentication method in the following scenarios:
-Unlocking a Mac
-Prompts to change settings in System Preferences
-Commands executed with rot privileges with the sudo command.
As a result of being tide to your cloud IDP, it becomes easier to manage and more secure for your remote workforce.
Benefits of Jamf Unlock
– Reduced of having passwords compromised without additional hardware
– Reduced IT support request tickets for passwords resets. – Eliminate the need for passwords and leverage a password less workflow, tied to the cloud IDP, with MFA to access macOS devices.