multiOTP credential provider

multiOTP Credential Provider for multiOTP is a free and open source implementation of a V2 Credential Provider for the multiOTP strong two-factor authentication solution (Apache License, Version 2.0)

(c) 2016-2018 SysCo systemes de communication sa (enhancements since 2016, simple installer with configuration options)
(c) 2015-2016 ArcadeJust ("RDP only" enhancement)
(c) 2013-2015 Last Squirrel IT

Current build: (2018-01-03)

Binary download:

Please consider supporting this project by making a donation via PayPal

Visit for additional support.

multiOTP Credential Provider for multiOTP supporting Windows 7/8/8.1/10/2012(R2)/2016.
- supports both local and domain users
- forced OTP check for RDP
- forced or disabled check of OTP for local logons
- client executable of multiOTP is automatically installed and configured
- multiOTP Credential Provider is only activated if the authentication test is passed successfully
- DLL and EXE files are digitally signed
- the first strong two factor authenticaton solution that have cache support in order to work also offline!

- installed multiOTP server(s)
- configured multiOTP user (multiOTP username = [domain user name] or [windows local account name] or [microsoft account name])

- Launch the installer (in the installer directory) and configure the various parameters during the detup. You must have administrator access.

- Uninstall the multiOTP Credential Provider using the regular uninstallation procedure, or launch the file multiOTPCredentialProvider-unregister.reg (you must have administrator access).

- the credential provider DLL (multiOTPCredentialProvider.dll) is installed in the system folder \Windows\System32
- the credential provider options are stored in the following registry key : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{FCEFDFAB-B0A1-4C4D-8B2B-4FF4E0A3D978}
- multiOTPPath : X:\Path\to\multiotp\folder
- multiOTPTimeout : [timeout in seconds, default is 10]
- multiOTPRDPOnly : [0|1]
- multiOTPPrefixPass : [0|1]
- multiOTPDisplaySmsLink : [0|1]
- multiOTPUPNFormat : [0|1]
- the multiOTP options are stored in the file [multiOTPPath]\config\multiotp.ini

- ArcadeJust ("RDP only" enhancement)
- LastSquirrelIT (initial implementation)

Report if you have any problems or questions regarding this app.

2017-12-11 SysCo/al [Receive an OTP by SMS] link can be displayed or not (option during installation)
UPN username format can be sent to the multiOTP server (by default, legacy username)
Better documentation
2017-12-04 SysCo/al Default domain name support
User can request an SMS code using a command link
[Synchronize OTP] link removed (useless, synchronization is done automatically by typing OTP1 + [space] + OTP2)
2017-11-10 SysCo/al Specific Credential Provider mode in the CLI version
2017-11-05 SysCo/al Full support for UPN notation (AD/LDAP should be synchronized using the userPrincipalName instead of sAMAccountName identifier)
2017-11-04 SysCo/al Removed digit OTP only check for the OTP field
Friendly name of the second factor field renamed from PIN to OTP
2017-06-02 SysCo/al Fixed default folder detection for the multiotp.exe file
2016-11-04 SysCo/al First public release with an installer, based on hard work done by Last Squirrel IT and ArcadeJust

2018-01-03 6 MB multiOTPCredentialProvider-

Other documents

2018-01-03 1 KB multiOTPCredentialProvider-unregister.reg