Authentication failed (wrong token length)
I have the multiOTP HyperV appliance v5.9.0.3 and multiOTPCredentialProvider v5.9.7.1. Using this to prompt for 6 digit MFA code when a person connects via Remote Desktop to a Windows Server. The multiOTP appliance pulls members of the "2FAUsers" AD user group to create the user accounts and QR codes. This works well for a few weeks, then suddenly stops working. This is my third start-over attempt and each time the problem reoccurs. The user supplies their username, then password, then 6 digit OTP at RDP logon, then after a pause the error "Wrong One Time PIN" is returned. If I run "multiotp -display-log -debug auser", I see the error "authentication typed by the user is 13 chars long instead of 6 chars" and "Authentication failed (wrong token length)". I am only typing in a 6 digit code when prompted, so I am puzzled where the additional 7 characters are coming from. Any ideas to steer me towards a resolution?
Comments
What is written in the log of the multiOTP HyperV appliance when you try to log on using the multiOTPCredentialProvider ?
Where did you run "multiotp -display-log -debug auser xxxx" ? On the Windows Server (where multiOTPCredential Provider is installed) or on the multiOTP HyperV appliance ?
Regards,