multiOTP Windows login MFA: PHP error 0xc000007b

2020-06-13

Title image of multiOTP logo and Windows login screen

All product names, logos, and brands used in this post are property of their respective owners.

I recently stumbled across multiOTP (specifically, the multiOTP credential provider for Windows) while investigating free and open-source options for applying multifactor authentication (MFA) to Windows Server console and RDP logins.

multiOTP is a fantastic project that matches the capabilities of expensive 2 factor authentication solutions stride for stride - kudos to the developers behind it! In my research and testing, multiOTP is the only open source multi factor auth solutions with an authentication provider for Microsoft Windows that allows you to quickly and easily protect OS logins.

I ran across a strange behavior I wanted to document and pass on in the hopes it helps others.

The php.exe 0xc000007b application error

After a clean install of the multiOTP credential provider for Windows, I encountered the following error on several Windows devices (when running multiotp.exe and validating credentials with the provider during installation):

Screenshot of php.exe - Application Error: The application was unable to start correctly (0xc000007b). Click OK to close the application.

php.exe - Application Error
The application was unable to start correctly (0xc000007b).
Click OK to close the application.

This is technically a PHP dependency error and is not directly related to multiOTP’s code (aside from the fact that multiOTP is written in PHP and depends on the PHP runtime for Windows).

To fix it, ensure both the x86 and x64 versions of Microsoft Visual C++ Redistributable for Visual Studio 2017 are installed on the 64-bit Windows servers or workstations running the multiOTP Credential Provider.

You can download the latest supported Visual C++ versions from Microsoft here:

https://support.microsoft.com/en-us/help/2977003/the-latest-supported-visual-c-downloads

As the Microsoft article mentions, the 2015, 2017, and 2019 versions share the same redistributable files.

Screenshot of both versions of Microsoft Visual C++ Redistributable for Visual Studio 2015-2019 installed

Once the dependencies are installed, the multiOTP Credential Provider works flawlessly and the instructions for standalone configuration (LOCAL ONLY STRONG AUTHENTICATION INSTALLATION) apply as written.

Again, I hope this benefits someone who is deploying multiOTP to secure their Windows environment with an open source, robust OATH-TOTP provider.