The employee authenticates once to the MyCena platform — typically with biometric or hardware token, the same way they unlock their device. From that point, every system they access through MyCena appears as a clickable connection. They click. MyCena injects the credential. They are in.

The credential is distributed to the device in encrypted form. At the moment of connection, MyCena decrypts it locally and injects it into the authentication protocol for that system. The browser or application never displays it. It is never written to the clipboard. It is never stored in the user's profile. The injection happens below the application layer — invisible to the user, invisible to any screen recording or shoulder-surfing attempt.

For different protocol types — RDP, SSH, HTTPS applications, legacy systems — MyCena uses the appropriate injection method. The employee experience is identical regardless of the underlying protocol: one click, connected.