AuthAnvil Windows Credential Provider Install Guide

The AuthAnvil Two Factor Auth Windows Credential Provider  offers companies the ability to add strong two-factor authentication to Microsoft’s Windows client and server operating systems. It provides a simple and consistent logon experience no matter if they logon at the local desktop or through a terminal session. And it offers identity assurance by requiring users to provide their AuthAnvil Two Factor Auth passcode during the logon process.


Note: This installation guide is only compatible with this installer.


Supported Platforms

The AuthAnvil Two Factor Auth Windows Credential Provider is available for the following platforms:

  • Windows Server 2008, 2008 R2, 2012, 2012 Essentials, 2012 R2
  • Small Business Server 2008, 2011
  • Small Business Server Essentials 2011
  • Essential Business Server 2008
  • Vista, Windows 7 and Windows 8, Windows 8.1
  • Windows 2008, 2008 R2 and 2012 Terminal Server
  • Windows Server 2008 R2 Core
  • Hyper-V Server 2008

Note: This agent does not support Windows 10.


The following software must be installed before the Windows Credential Provider  can be installed.

Note: These must be installed manually on 64-bit machines before installing the Windows Credential Provider  as there is no prerequisite checking available. Installing the Windows Credential Provider  without the prerequisites installed will leave the machine unable to successfully log in, and require the Credential Provider to be removed using the Emergency Uninstall Procedure 

  • .NET Framework 2.0 or later (Not required for Server Core and Hyper-V)
  • Microsoft Visual C++ 2008 Runtimes (MSVC++ 9.0)
  • MSXML 6.0


Windows Logon Credential Provider – Sometimes called a cred provider. Provides strong authentication for Windows Vista, Windows 7, Windows Server 2008, Windows Server 2012 and Windows Server 2012 Essentials. This is available in the AAWinLogonCP.exe installation file.

The installers of these agents provide installation for both 32bit and 64bit CPU targets. You can download these agents from


Installation Steps

The following steps should be used to install the Windows Credential Provider:

  1. Download the appropriate agent from
  2. Once downloaded. Run the EXE installer.

  3. Select Next.

  4. Accept the Terms of use and select Next.

    Update the SAS URL to reflect your AuthAnvil FQDN. Your SAS URL will be your tenant URL/AuthAnvil/SAS.asmx Example

  5. Once you have the correct SAS URL select Next.

    Set the Override Group and Override password.
    Note: This Override Group will need to be manually created in Active Directory or locally for stand alone machines.
    Note: Always set an override Password to prevent errors during installation and testing. This password can be changed later as well.

  6. Select Next once the Override settings are set.

  7. Select Install to complete the setup. 

    Once the user is logged out you should now see a Windows credential provider prompt including an AuthAnvil passcode prompt.

    Testing functionality

    When the user logs into a Windows Desktop locally or remotely they will see the following.

    The AuthAnvil Passcode consists of a Pin+OTP.

    Note: Users will need to enter a four digit pin here as well as the One Time Password.
    For the Pin your users will use Pin: 1234
    The actual Pin requirement was a hold over from the old On-Prem configuration. On-Demand does not use the Pin, however it respects the value being submitted.

Note: Offline caching mode is currently not compatible with AuthAnvil On-Demand user accounts.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us