question

hyeyeon avatar image
0 Votes"
hyeyeon asked jiayaozhu-MSFT answered

Windows Custom Credential Provider using only OTP

I want to develop Custom Credential Provider for windows login using only OTP without entering a password.
also, passwords should not be stored on the computer.
Is this possible? If possible, what should I refer to?
Thanks in advance.

windows-server
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

jiayaozhu-MSFT avatar image
0 Votes"
jiayaozhu-MSFT answered

Hi,

Thanks for posting on our forum!

Basically, the main reason for developing custom credential provider is to make windows logon without real password of local user. After you are able to install/register sample code and to debug it, your provider must return to the Logon UI or Cred UI the authentication information. It can be a login/password pair or a certificate based authentication. Inside of your database you can store a real user's password and return it after checking your own OTP. The sample code I think you can get from two places:
1) Dan Griffin’s article. See article:
https://blogs.msmvps.com/alunj/2011/02/21/starting-to-build-your-own-credential-provider/
(Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.)

2) https://github.com/DavidWeiss2/windows-Credential-Provider-library/blob/master/README.md

If you think these two sample code is inappropriate to your condition, you can check other codes in Github. I also found an article might be helpful:
https://docs.microsoft.com/zh-cn/windows/win32/secauthn/credential-providers-in-windows?redirectedfrom=MSDN

Thanks for your support! Besides, would you please help me Accept Answer. An accepted blog can be put on top of our forum, so that people who have a similar issue can get access to their solution more quickly. I would really appreciate it if you could support my work.

BR,
Joan


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.