I would like to create a custom 2FA on Windows XP (and above) for personal computers.
I know Windows XP is discontinued, but I'm using an old program relying on Windows XP, so for now I'm stuck on it.
I can write C/C++ code, but I don't know C#. So I'm trying to figure out a way to suspend userinit to show my app, then my app will either let userinit do its thing, or logout the user.
I've tried changing userinit in the registry to put my app which would load userinit itself, but it's easily hackable: My app can be closed, leaving the computer in a lockdown state, or taskmgr can be used to launch userinit or explorer.
If there are better way, I'm opened to suggestions, but I'd like to avoid ready made solutions (Rohos Logon Key works but can sometimes be worked around)
As far as I know you can do it only on C++ to implement GINA (for Windows XP). For Vista (and above) you need to implement Credential Provider. It can be implemented in both C++ and C#.