asteroza + logon   40

Computer Login Tools | Yubico
So for pure local accounts, Yubikeys can be 2FA. For AD, gotta setup smartcard logins in AD. Azure AD is something else
yubikey  USB  token  windows  login  logon  security  PIV  smartcard 
6 weeks ago by asteroza
When the manual is not enough – runas /netonly, Unexpected Credential Exposure and the Need for Reality Based Holistic Threat Models – Security Stuff
Bypassing privileged access workstation GPO rules by using a type 9 login. From a hygiene perspective though, if that user had restarted to clear memory stored credentials, it's not the end of the world if someone ran bloodhound?
DFIR  windows  account  remote  network  login  logon  runas  security  hacking  pentesting 
february 2019 by asteroza
Remote Authentication GeoFeasibility Tool - GeoLogonalyzer « Remote Authentication GeoFeasibility Tool - GeoLogonalyzer | FireEye Inc
interesting additional analysis of remote access logs based on GeoIP as well as physical realities (nobody flying commercial supersonic flights so logon locations being too far within a fixed timespan will be suspicious...)
FireEye  geoIP  GeoLocation  location  remote  access  VPN  log  logon  analysis  security  defense 
june 2018 by asteroza
Release 2.1.1 20171220 · gentilkiwi/mimikatz
new mimikatz, there's a handy authentication package called mimilib to capture plaintext passwords at logon on windows 10 with credential guard
mimikatz  security  hacking  pentesting  windows  logon  password  capture  sniffing 
december 2017 by asteroza
JPCERT/CC Blog: Verification of Windows New Security Features – LSA Protection M...
So the short story is the increased security from LSA Protection Mode or Credential Guard protects domain users mostly, if domain password caching is disabled. But local passwords are still vulnerable to Mimikatz, and password reuse is a thing...
Windows  domain  logon  password  hash  security  research  lateral  movement  pentesting  hacking  Delicious 
november 2016 by asteroza
Swiss online storage – Secure online storage | SecureSafe
Interesting data inheritance feature, essentially a account access continuity mechanism to give logon information to family or work in case of death.
SecureSafe  password  manager  software  windows  mac  OSX  PC  iPhone  android  app  document  storage  logon  user  information  security  continuity  deadmans  switch  Delicious 
january 2013 by asteroza
Inception | Break & Enter
Inception, formerly winlockpwn, is a firewire DMA attack that can overwrite login software on target computers such that you can login as the administrator/root without the correct password.
mac  OSX  linux  windows  imaging  memory  software  security  opensource  attack  DMA  escalation  privilege  login  logon  firewire  winlockpwn  inception  thunderbolt  ExpressCard  PCMCIA  vulnerability  rooting  Delicious 
october 2012 by asteroza
Login: unable to type password at welcome screen (several PCs) - Page 2 - Windows XP Support
Looks like using the following filepath from the run menu to uninstall a specific hotfix/KB (especially one that is not visible in the normal add programs control panel) is a possible fix to the password entry problem

"C:\WINDOWS\$NtUninstallKB923191$\spuninst "
kb917556  windows  XP  logon  welcome  screen  password  entry  problem  sysadmin  tips  tricks  hotfix  KB  uninstall  KB923191  Delicious 
september 2009 by asteroza

related tags

2k3  access  account  active  AD  administrator  advice  analysis  android  angular  animated  app  attack  audit  auditing  authentication  avatar  Azure  background  BiodeLogon  biometric  blackhat  blank  bluetooth  cafepress  capture  CBL  CERT  chart  check  citrix  concurrent  configure  console  continuity  continuous  control  converter  cookie  cracker  cracking  credentials  custom  customization  Cybozu  database  deadmans  defense  Dekart  delete  Delicious  deny  desktop  detection  devices  DFIR  directory  DMA  document  domain  dongle  download  drive  dynamic  electronics  encryption  enrollment  entry  escalation  event  ExpressCard  face  federated  FIDO2  fingerprint  FireEye  firewire  flash  flow  flowchart  geoIP  GeoLocation  gibson  gmail  google  GPO  graph  group  GUI  guide  hack  hackers  hacking  hardware  hash  hello  hole  hotfix  howto  humor  image  imaging  inception  information  internet  iPhone  japan  JPCERT  KB  kb917556  KB923191  key  keyless  Labs  lateral  library  linux  liveCD  local  location  log  login  logon  mac  management  manager  memory  MFA  microsoft  mimikatz  MotD  movement  movie  multiple  NEC  NECsoft  neo4J  network  oauth  openID  opensource  Ophcrack  optimization  order  OSX  partition  passport  password  passwordless  patch  PC  PCMCIA  pentesting  photo  PHP  picture  PIV  PKCS#11  PKI  policy  poster  prevention  privilege  problem  process  proximity  psychology  python  rainbow  RDP  reader  recognition  recogntion  reference  RememberMe  remote  research  reusable  Rohos  rooting  runas  sample  screen  scripts  SecureSafe  security  sensor  server  session  sidejacking  SIM  Skype  smartcard  sniffing  software  SSL  SSO  storage  study  support  SVG  switch  sysadmin  table  terminal  thunderbolt  time  tips  token  tools  tracing  tricks  tutorial  U3  UI  uninstall  usability  USB  user  utilities  Valway  variable  vista  VMUG  VMware  VoIP  VPN  vulnerability  wallpaper  WebAuthN  webcam  webdev  welcome  windows  winlockpwn  wireless  XenApp  XenDesktop  XP  yubikey 

Copy this bookmark:



description:


tags: