Regarding why your passwords mostly don’t matter, Alex Weinert, Director of Identity Security at Microsoft, wrote a wonderful article way back in 2019 that I suggest you read: Also, in the case of password spray, Azure AD has functions in play to drastically reduce the speed of password spray attacks and increase the time attackers spend guessing a password. The most common attacks, for example, phishing, password spray and credential stuffing, all rely on the fact that your password is either given by the user to the attacker, guessed because it was really simple, or already exposed to attackers because of previous breaches in 3rd parties attacks. Instead, the main enemy is that passwords can be easily gathered and reused from phishing attacks or breaches. But, contrary to what we believe, your password length is not the main enemy when talking about Azure AD, as long as your passwords are not simple. ![]() Windows Hello for Business deployment for AAD joined devicesĪs we all know, passwords are a weak link in our identity processes.Configure security keys as a sign-in option in Windows.Windows Hello for Business and FIDO2 security keys.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |