Active Directory with multi factor authentication for an existing web application


Customer is asking for LDAP / Active Directory authentication along with OTP (one-time password) / multi-factor authentication for an old existing web application written in ASP.NET MVC 2. Is this possible?

Currently, we are using PrincipalContext in System.DirectoryServices.AccountManagement for username, password validation.

Thanks in advance


Gabriel Luci On

You will have to write it yourself. After you authenticate the user via Active Directory, you will have to trigger a second step to generate a code and send it to them, and have a page where they can type in the code to finish the authentication. You will have to decide how you will send it to them (email or SMS or phone call).

For SMS or phone call, you can use a service like Twilio. They actually have an article about using two-factor authentication with ASP.NET, but you probably won't be able to plug in that code as-is to an older app like yours.

Microsoft also has an article about it, but it assumes you're using ASP.NET Identity, which you may not be.
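
The two-step flow described in the answer above, as an added example that is not part of the original answer or of any library: a server-side challenge object that generates the code, expires it, limits guesses, and allows a single use. The class name `OtpChallenge`, the session key `PendingOtp`, the 5-minute lifetime, the 5-attempt limit, and the use of forms authentication for the final sign-in are assumptions; delivery by email or SMS is left to your own helper.

```csharp
using System;
using System.Security.Cryptography;

// Added example. Controller flow (session key and sign-in method are assumptions):
//  1. PrincipalContext.ValidateCredentials(user, pwd) succeeds: do NOT sign the user in yet.
//  2. string code; Session["PendingOtp"] = OtpChallenge.Issue(user, out code); send `code`.
//  3. Code page: var c = Session["PendingOtp"] as OtpChallenge;
//     if (c != null && c.Verify(posted)) { Session.Remove("PendingOtp");
//         FormsAuthentication.SetAuthCookie(c.UserName, false); }
[Serializable] // lets the object live in out-of-process session state too
public sealed class OtpChallenge
{
    private const int MaxAttempts = 5;                                    // assumed policy
    private static readonly TimeSpan Lifetime = TimeSpan.FromMinutes(5);  // assumed policy
    private static readonly RandomNumberGenerator Rng = RandomNumberGenerator.Create();

    public readonly string UserName;
    private readonly string _code;
    private readonly DateTime _expiresUtc;
    private int _attempts;
    private bool _used;

    private OtpChallenge(string userName, string code)
    {
        UserName = userName;
        _code = code;
        _expiresUtc = DateTime.UtcNow.Add(Lifetime);
    }

    public static OtpChallenge Issue(string userName, out string codeToSend)
    {
        // Rejection sampling: discard values that would bias the modulo.
        uint limit = uint.MaxValue - (uint.MaxValue % 1000000u);
        byte[] buf = new byte[4];
        uint value;
        do { Rng.GetBytes(buf); value = BitConverter.ToUInt32(buf, 0); } while (value >= limit);
        codeToSend = (value % 1000000u).ToString("D6");
        return new OtpChallenge(userName, codeToSend);
    }

    public bool Verify(string submitted)
    {
        // Expired, already used, or too many guesses: the user must log in again.
        if (_used || DateTime.UtcNow > _expiresUtc || _attempts >= MaxAttempts) return false;
        _attempts++;
        if (submitted == null || submitted.Length != _code.Length) return false;
        int diff = 0; // compare every character so timing does not reveal a partial match
        for (int i = 0; i < _code.Length; i++) diff |= _code[i] ^ submitted[i];
        if (diff == 0) _used = true;
        return diff == 0;
    }
}
```

Pages behind the login should treat a session that holds only `PendingOtp` as unauthenticated, so the password step alone never grants access.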