Share via

Windows Custom Credential Provider using only OTP

hyeyeon@hyundai-autoever.com 106 Reputation points
2021-07-02T02:20:38.047+00:00

I want to develop Custom Credential Provider for windows login using only OTP without entering a password.
also, passwords should not be stored on the computer.
Is this possible? If possible, what should I refer to?
Thanks in advance.

Windows for business Windows Server User experience Other
Accepted answer
  1. JiayaoZhu 3,926 Reputation points
    2021-07-02T08:33:01.097+00:00

    Hi,

    Thanks for posting on our forum!

    Basically, the main reason for developing custom credential provider is to make windows logon without real password of local user. After you are able to install/register sample code and to debug it, your provider must return to the Logon UI or Cred UI the authentication information. It can be a login/password pair or a certificate based authentication. Inside of your database you can store a real user's password and return it after checking your own OTP. The sample code I think you can get from two places:

    1. Dan Griffin’s article. See article:
      https://blogs.msmvps.com/alunj/2011/02/21/starting-to-build-your-own-credential-provider/
      (Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.)

    2) https://github.com/DavidWeiss2/windows-Credential-Provider-library/blob/master/README.md

    If you think these two sample code is inappropriate to your condition, you can check other codes in Github. I also found an article might be helpful:
    https://learn.microsoft.com/zh-cn/windows/win32/secauthn/credential-providers-in-windows?redirectedfrom=MSDN

    Thanks for your support! Besides, would you please help me Accept Answer. An accepted blog can be put on top of our forum, so that people who have a similar issue can get access to their solution more quickly. I would really appreciate it if you could support my work.

    BR,
    Joan

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

    Comments have been turned off. Learn more

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.