Implementing Windows 10 QR code login from scratch

Levente Peres 6 Reputation points
2022-02-20T16:46:24.467+00:00

Dear Everyone,

I'm new here so please be patient if my question is already answered, too broad or otherwise inappropriate. I try to maintain a sense of targetedness, but I do feel that this is a very wide topic.

I really want to learn about how Windows authentication works, and for that purpose I set out to implement a system that will enable users to use their smart phones to read a QR code and log in into their Windows 10 machines. The actual credentials and rights would be stored in Active Directory. This is the basic concept.

My problem is that I can't seem to find a good starting point for all this. I need to learn a lot, I realize that, but that's kinda the point here. I don't want a quick fix, I want to do this right.

If some of you have already done something similar, could you please be so kind as to point me towards relevant online sources to learn about:

  • How windows implements and handles logins trough the "login screen" or "lock screen", and what APIs are there to interface/integrate with that using C# or anything similar?
  • How to redirect further Windows interactive logins to the authenticator (like when you open a Windows share) after the user is past the login screen, again what APIs are there, what you need to tie into, how that works, etc?
  • How some of the already implemented solutions achieve secure authentication? It's not just the method to log in an user - I'm also interested in how to do this in a "secure" way?
  • Since you have done this and I have not - anything and everything you think would be useful, mandatory to do, learn and know to do what I want to do...

Please understand that I'm starting from scratch on this so if you would be kind enough to help point me in the right direction, I'm relying on your experience to know what helps me the most.

Thank you sincerely for any information you can give me on this.

Levente

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,465 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Lawrence Winstead 6 Reputation points
    2022-10-27T21:45:29.367+00:00

    Levente,

    This is a fantastic question! I don't think the medium-sized agricultural manufacturer I work for would be interested in logging into Windows via QR code, but I'm part of my school district's Tech Committee, and we are currently using ClassLink for K-12 students (at least K-9). ClassLink includes an option for using a QR code on a "QuickCard" to login to it's service, which passes those credentials on to websites and Windows for login. I don't know much detail about how it works, but this is at the heart of your question. I wish I could contribute more to this discussion, but I'm going to "subscribe" as I can and I'm intrigued to hear Microsoft's official response. Whatever happens, good luck!

    1 person found this answer helpful.
    0 comments