multiOTPCredentialProvider

multiOTP Credential Provider for multiOTP is a free and open source implementation of a V2 Credential Provider for the multiOTP strong two-factor authentication solution (Apache License, Version 2.0)

(c) 2016-2018 SysCo systemes de communication sa (enhancements since 2016 and simple installer with configuration options) (c) 2015-2016 ArcadeJust ("RDP only" enhancement)
(c) 2013-2015 Last Squirrel IT

Current build: 5.1.0.8 (2018-03-05)

Binary download: https://download.multiotp.net/credential-provider/

Please note that the multiOTPCredentialProvider-files-only-A.B.C.D.zip zipped file contains only the DLL in both x64 and i386 format, and a special all-in-one-file multiotp.exe executable created using Enigma Virtual Box (https://enigmaprotector.com/en/downloads.html).

Please consider supporting this project by making a donation via PayPal

Visit http://forum.multiotp.net/ for additional support.

multiOTP Credential Provider for multiOTP supporting Windows 7/8/8.1/10/2012(R2)/2016.

supports both local and domain users
forced OTP check for RDP
forced or disabled check of OTP for local logons
client executable of multiOTP is automatically installed and configured
multiOTP Credential Provider is only activated if the authentication test is passed successfully
DLL and EXE files are digitally signed
the first strong two factor authentication solution that have cache support in order to work also offline!

PREREQUISITES

installed multiOTP server(s)
configured multiOTP user (multiOTP username = [domain user name] or [windows local account name] or [microsoft account name])

INSTALLATION

Launch the installer (in the installer directory) and configure the various parameters during the setup. You must have administrator access.

UNINSTALLATION

Uninstall the multiOTP Credential Provider using the regular uninstallation procedure, or launch the file multiOTPCredentialProvider-unregister.reg (you must have administrator access).

TECHNICAL DETAILS

the credential provider DLL (multiOTPCredentialProvider.dll) is installed in the system folder \Windows\System32
the credential provider options are stored in the following registry key (registry entries have priority over multiotp.ini file entries): HKEY_CLASSES_ROOT\CLSID{FCEFDFAB-B0A1-4C4D-8B2B-4FF4E0A3D978}
- multiOTPCacheEnabled : [1|0], used directly by multiOTP
- multiOTPDisplaySmsLink : [0|1]
- multiOTPLoginTitle : [Login title, default is '', which displays multiOTP Login]
- multiOTPOptions : [additional configuration options used directly by multiOTP, tab separated, default is '']
- multiOTPPath : [X:\Path\to\multiotp\folder]
- multiOTPPrefixPass : [0|1]
- multiOTPRDPOnly : [0|1]
- multiOTPServers : [multiOTP server(s) to contact, default is 'https://192.168.1.88'], used directly by multiOTP
- multiOTPServerTimeout : [timeout in seconds before switching to the next server, default is 5], used directly by multiOTP
- multiOTPSharedSecret : [secret to connect this client to the server, default is 'ClientServerSecret'], used directly by multiOTP
- multiOTPTimeout : [timeout in seconds, default is 10]
- multiOTPUPNFormat : [0|1]
if the tile file [multiOTPPath]\multiotp.bmp exists, it will replace the default 128x128 tile image

THANKS TO

ArcadeJust ("RDP only" enhancement)
LastSquirrelIT (initial implementation)

Report if you have any problems or questions regarding this app.

CHANGE LOG OF RELEASED VERSIONS

2018-03-05 5.1.0.8 SysCo/al FIX: Enigma Virtual Box updated to version 8.10 (to create the special all-in-one-file)
2018-02-27 5.1.0.7 SysCo/al FIX: [Receive an OTP by SMS] link is now fixed for Windows 10
2018-02-26 5.1.0.6 SysCo/al ENH: Credential Provider registry entries are now always used when calling multiOTP.exe
2018-02-21 5.1.0.5 SysCo/al FIX: To avoid virus false positive alert, multiOTP.exe is NO more packaged in one single file
                                 using Enigma, a php folder is now included in the multiOTP folder
                            FIX: multiOTPOptions registry entry is now useless is ignored
2018-02-21 5.1.0.4 SysCo/al ENH: Credential Provider registry entries are used if available
2018-02-19 5.1.0.3 SysCo/al ENH: Setup wizard has one more page for better layout
                            ENH: Options stored in the multiOTPOptions registry are read and have more priorities than config file
                            ENH: Login title can be customized using the multiOTPLoginTitle registry
                            ENH: Tile image can be customized by saving a 128x128 bmp in the file [multiOTPPath]\multiotp.bmp
                            ENH: The default installation folder is now [ProgramFiles]\multiOTP
2017-12-11 5.0.6.2 SysCo/al ENH: [Receive an OTP by SMS] link can be displayed or not (option during installation)
                            ENH: UPN username format can be sent to the multiOTP server (by default, legacy username)
                            ENH: Better documentation
2017-12-04 5.0.6.1 SysCo/al ENH: Default domain name support
                            ENH: User can request an SMS code using a command link
                            FIX: [Synchronize OTP] link removed (useless, synchronization is done automatically by typing OTP1 + [space] + OTP2)
2017-11-10 5.0.6.0 SysCo/al ENH: Specific Credential Provider mode in the CLI version
2017-11-05 5.0.5.9 SysCo/al ENH: Full support for login@domain.name UPN notation (AD/LDAP should be synchronized using the userPrincipalName instead of sAMAccountName identifier)
2017-11-04 5.0.5.6 SysCo/al FIX: Removed digit OTP only check for the OTP field
                            ENH: Friendly name of the second factor field renamed from PIN to OTP
2017-06-02 5.0.4.6 SysCo/al FIX: Fixed default folder detection for the multiotp.exe file
2016-11-04 5.0.2.6 SysCo/al ENG: First public release with an installer, based on hard work done by Last Squirrel IT and ArcadeJust