Error while trying to create a Custom Windows Authentication Service

Anonymous
2024-10-24T04:11:30+00:00

I'm currently working on creating a Custom Windows Authentication System in Windows 11. I am using this GitHub project as a starting reference. I've developed a DLL to implement a custom login layer on the Windows Login Tile. However, after entering a valid username and password in the tile fields, the system doesn't proceed to the next step—it loads for a while and then says "Incorrect username or password." Do you have any suggestions on how this issue can be resolved? Or can you help me find any other better way to create a Custom Windows Authentication flow (i.e. using custom fields, custom biometric devices, etc.)?

Code snippet

    // Requires: using System; using System.Collections.Generic; using System.Runtime.InteropServices;

    // Fields shown on the logon tile.
    public List<_CREDENTIAL_PROVIDER_FIELD_DESCRIPTOR> CredentialProviderFieldDescriptorList = new List<_CREDENTIAL_PROVIDER_FIELD_DESCRIPTOR> {
        new _CREDENTIAL_PROVIDER_FIELD_DESCRIPTOR
        {
            cpft = _CREDENTIAL_PROVIDER_FIELD_TYPE.CPFT_SMALL_TEXT,
            dwFieldID = 0,
            pszLabel = "Welcome to Custom Windows Login",
        },
        new _CREDENTIAL_PROVIDER_FIELD_DESCRIPTOR
        {
            cpft = _CREDENTIAL_PROVIDER_FIELD_TYPE.CPFT_SUBMIT_BUTTON,
            dwFieldID = 1,
            pszLabel = "Login",
        },
        new _CREDENTIAL_PROVIDER_FIELD_DESCRIPTOR
        {
            cpft = _CREDENTIAL_PROVIDER_FIELD_TYPE.CPFT_EDIT_TEXT, // Username field
            dwFieldID = FIELD_ID_USERNAME,
            pszLabel = "Enter Username",
        },
        new _CREDENTIAL_PROVIDER_FIELD_DESCRIPTOR
        {
            cpft = _CREDENTIAL_PROVIDER_FIELD_TYPE.CPFT_PASSWORD_TEXT, // Password field
            dwFieldID = FIELD_ID_PASSWORD,
            pszLabel = "Enter Password",
        }
    };

    // The post omits the lines between the field list and this point. The first line of
    // the signature is restored here on the assumption that this is the provider's
    // ICredentialProviderCredential.GetSerialization implementation.
    public int GetSerialization(out _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE pcpgsr,
        out _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs, out string ppszOptionalStatusText,
        out _CREDENTIAL_PROVIDER_STATUS_ICON pcpsiOptionalStatusIcon)
    {
        Log.LogMethodCall();

        // Hardcoded valid credentials
        string validUsername = "username";
        string validPassword = "password";

        try
        {
            // Validate the username and password against hardcoded values
            if (username == validUsername && password == validPassword)
            {
                // If valid, proceed with the authentication process
                pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_RETURN_CREDENTIAL_FINISHED;
                pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();

                var inCredSize = 0;
                var inCredBuffer = Marshal.AllocCoTaskMem(0);

                // The first call uses an empty buffer: it is expected to fail and
                // report the required buffer size in inCredSize.
                if (!PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
                {
                    Marshal.FreeCoTaskMem(inCredBuffer);
                    inCredBuffer = Marshal.AllocCoTaskMem(inCredSize);

                    // Second call packs the credentials into the correctly sized buffer.
                    if (PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
                    {
                        ppszOptionalStatusText = "Login successful";
                        pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_SUCCESS;

                        // Hand the packed buffer to the logon UI together with the
                        // provider CLSID and the Negotiate authentication package ID.
                        pcpcs.clsidCredentialProvider = Guid.Parse(Constants.CredentialProviderUID);
                        pcpcs.rgbSerialization = inCredBuffer;
                        pcpcs.cbSerialization = (uint)inCredSize;

                        RetrieveNegotiateAuthPackage(out var authPackage);
                        pcpcs.ulAuthenticationPackage = authPackage;

                        return HResultValues.S_OK;
                    }
                }

                Marshal.FreeCoTaskMem(inCredBuffer);

                ppszOptionalStatusText = "Failed to pack credentials";
                pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_ERROR;

                return HResultValues.E_FAIL;
            }
            else
            {
                // If invalid, return an error message
                ppszOptionalStatusText = "Invalid username or password";
                pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_ERROR;

                // Indicate that the credential serialization failed
                pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_NOT_FINISHED;
                pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();

                return HResultValues.E_FAIL;
            }
        }
        catch (Exception ex)
        {
            // Handle any unexpected exceptions
            ppszOptionalStatusText = $"An error occurred: {ex.Message}";
            pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_ERROR;
            pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_NOT_FINISHED;
            pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();

            return HResultValues.E_FAIL;
        }
    }

Error message

This is a generated error message that I found on the Windows Event Viewer:

    An account failed to log on.

    Subject:
        Security ID:            SYSTEM
        Account Name:           DESKTOP-476EOJ1$
        Account Domain:         WORKGROUP
        Logon ID:               0x3E7

    Logon Type:                 2

    Account For Which Logon Failed:
        Security ID:            NULL SID
        Account Name:           -
        Account Domain:         -

    Failure Information:
        Failure Reason:         Unknown user name or bad password.
        Status:                 0xC000006D
        Sub Status:             0xC000006A

    Process Information:
        Caller Process ID:      0x860
        Caller Process Name:    C:\Windows\System32\svchost.exe

    Network Information:
        Workstation Name:       -
        Source Network Address: 127.0.0.1
        Source Port:            0

    Detailed Authentication Information:
        Logon Process:          User32
        Authentication Package: Negotiate
        Transited Services:     -
        Package Name (NTLM only):   -
        Key Length:             0

    This event is generated when a logon request fails. It is generated on the computer where access was attempted.

Locked Question. This question was migrated from the Microsoft Support Community.
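As a triage aid for the failed-logon event quoted in the question, this added example (not code from the post or from the referenced GitHub project) parses the event text section by section and decodes the Logon Type, Status and Sub Status fields. The function names are hypothetical, and the lookup tables cover only a few well-known values.

```python
import re

# NTSTATUS names (ntstatus.h) for a few codes commonly seen in failed-logon events.
NTSTATUS = {
    0xC000006D: "STATUS_LOGON_FAILURE",
    0xC000006A: "STATUS_WRONG_PASSWORD",
    0xC0000064: "STATUS_NO_SUCH_USER",
}
LOGON_TYPES = {2: "Interactive", 3: "Network", 7: "Unlock", 10: "RemoteInteractive"}

# Abridged copy of the event text quoted in the question (embedded to run offline).
SAMPLE_EVENT = r"""An account failed to log on.
Subject:
    Account Name:       DESKTOP-476EOJ1$
Logon Type:         2
Account For Which Logon Failed:
    Account Name:       -
Failure Information:
    Status:         0xC000006D
    Sub Status:     0xC000006A
Detailed Authentication Information:
    Authentication Package: Negotiate
"""

def parse_event(text):
    """Return {section: {key: value}}; repeated keys stay apart, scoped by section."""
    sections, current = {}, "Event"
    for line in text.splitlines():
        m = re.match(r"^(\s*)([^:]+):\s*(.*)$", line)
        if not m:
            continue
        indent, key, value = m.groups()
        if not indent and not value:
            current = key.strip()  # an unindented "Name:" line opens a section
        else:  # an unindented "Key: value" line belongs to the event itself
            scope = current if indent else "Event"
            sections.setdefault(scope, {})[key.strip()] = value.strip()
    return sections

def triage(text):
    """Decode the fields an analyst reads first in a failed-logon event."""
    ev = parse_event(text)
    return {
        "logon_type": LOGON_TYPES.get(int(ev["Event"]["Logon Type"]), "other"),
        "status": NTSTATUS.get(int(ev["Failure Information"]["Status"], 16), "unknown"),
        "sub_status": NTSTATUS.get(int(ev["Failure Information"]["Sub Status"], 16), "unknown"),
        "target_account": ev["Account For Which Logon Failed"]["Account Name"],
        "package": ev["Detailed Authentication Information"]["Authentication Package"],
    }
```

For the event above, `triage(SAMPLE_EVENT)` reports an interactive logon through Negotiate that failed with `STATUS_LOGON_FAILURE` / `STATUS_WRONG_PASSWORD` and an empty target account name.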

1 answer

  1. DaveM121 891.1K Reputation points Independent Advisor
    2024-10-24T06:45:54+00:00

    Hi, I am Dave, I will help you with this.

    I apologize, Community is just a consumer forum. Due to the scope of your question, can you please post this question to our sister forum on Microsoft Q&A (The Developers Forum) in the C# section (linked below)?

    Over there you will have access to a host of Developers and C# Programming experts and will get a knowledgeable and quick answer to this question.

    https://learn.microsoft.com/en-us/answers/tags/...
