I got caught up in doing this, and now it’s 3:45AM. C’est la vie! My loss of sleep is your threat analysis gain.
I’ve made several updates to the PwnCheck tool (used to query the HaveIBeenPwned.com database).
Here they are, in no particular order!… [ Continue reading ]
As my kids are eager to tell me, I done messed up. 😉 One of my readers pointed out an oversight where a null variable may have been referenced–and it’s been corrected! H/T to @itpro_tipscom!
You can get the updated version at https://gallery.technet.microsoft.com/PwnCheck-HaveIBeenPwned-d65cf5f1.… [ Continue reading ]
Yes, these seems like a silly feature to add (since you can just do a single identity from the haveibeenpwned.com website, buuuuuuuttttttttttt…..), I wanted to showcase the script’s versatility while at a customer, so I added this one on the fly today.… [ Continue reading ]
This afternoon, while working with a colleague, I was alerted to a customer that appears to have the same 6-character password set for every user, which honestly, I feel like violates the very notion of a password. They’re not currently in Office 365 (or even Active Directory), but the risk is the same:
Users tend to use the same passwords everywhere.… [ Continue reading ]