We have deployed an additional credential provider to Windows 11. We want the default credential provider for Windows logon to be the new CP, Yubikey security key, for example. When configuring the security key as the default, the Broadcom CP continues to be presented as the default.

This impacts our users significantly in a negative manner when Windows goes to the lock screen. The Broadcom CP default of username and password replaces the primary refresh token of the multifactor authentication, and the user is prompted multiple times to reauthenticate to cloud resources using MFA.

Broadcom Identity Manager Credential Provide 14.5.0

Windows 11

Windows 11 introduced a behavioral change in the IDM Credential Provider that caused the IDM CP 14.5 to override the default CP setting.

The issue does not occur with the CP 14.5 on Windows 10.

A fix in the form of a new DLL to be applied to the 14.5 Credential Provider resolves the issue.

Contact Support and ask for the hotfix, HF-DE636064.zip.