Certain situations can arise where you no longer know a Windows user account password and need to reset it or make a new one. Third-party tools can assist, but in my experience, many of them have been hit-and-miss. In this post, I will show you step-by-step how to reset a Windows password using Windows install…
Microsoft 365 supports hardware security keys with passkeys. Passkeys are sometimes called FIDO2. Passkeys are one of many ways you can secure your accounts. In this post, I will show you step-by-step how to set up a passkey in Microsoft 365, including configuring a passkey with a break glass emergency access account. Prerequisites The Process…
Microsoft 365’s Stay signed in option is designed for user convenience but can increase security risks when used on public or non-corporately owned devices. The risk is due to the potential for unauthorized access to the user’s account and the resources they have access to. The stay signed in option, also known as KMSI (Keep…
Inspecting TLS/SSL traffic on corporate networks is very common, as over 80% of all web traffic is encrypted. If you aren’t performing TLS/SSL traffic inspection, you are potentially leaving your network exposed. The simple act of inspecting SSL connections helps reduce your attack surface. SSL inspection can make it harder to establish malicious outbound connections,…
DKIM (DomainKeys Identified Mail) is a way to help validate the authenticity of the emails you send. DKIM adds a signature to your email by using a private key and a public key. Your public key is your DKIM DNS record and only your email server knows your private key. When you have DKIM setup…
I’ve been a fan of LAPS for a while and in 2023 Microsoft made LAPS even better by introducing a new version called Windows LAPS. Windows LAPS (Local Administrator Password Solution) is a great tool for managing your local admin passwords. You might be thinking it’s ok I use one complicated password for my local…
