Closed prof79 closed 4 years ago
Hello Markus,
Unfortunately, as explained by Microsoft on various forums, custom provider (not Microsoft) are not allowed to retrieve these information from the client side. We didn’t yet find any alternative ways to go over that, but if you have any info, you could send to us!
Another approach for us could be to use the two factor credential provider provided by Microsoft, and make the integration of multiOTP on the Microsoft server level, but that means the infrastructure becomes more complicated to implements.
Regards.
Andre
Hello there, great product you're having here :-)
At work I have to evaluate MFA solutions and I have a question and potentially enhancement request:
I know the old times of server/RDP authentication which was done server-side per default. But with NLA, DoS protections and rich RDP clients (like Mac or Android) we need to do Windows/RDP auth already on the client side. multiOTP is brilliant because it works multi-platform - but prompts the Windows credentials for a second time.
So it would be cool if a user that had already authenticated client-side/is coming with valid Windows credentials that they just be asked the OTP alone, not username/password for a second time.
Regrettably I do not know the intricacies und technical limits of credential providers - so maybe it is not even possible to omit credentials/intercept client credentials.
Thanks!
Regards from Austria