FIDO2
When setting up Passwordless security key sign-in Windows and attempting to sign-in to the first machine you have setup (although it could be any machine!) you may encounter the error:
Your credentials couldn’t be verified. (code: 0x000006d, 0x0)
This error message appears even though you can sign-in with the key to AzureAD and other web services.
The cause is likely to be the account you are testing with is a member of the Domain Admins (or a similar) privileged security group, I keep bumping into this one but can’t find the source article where I first read this. If I manage to find the article I’ll post a link!
UPDATE 31/01/2024: It appears there is a way to overcome this issue with a modification of Active Directory objects described at: https://learn.microsoft.com/en-us/entra/identity/authentication/howto-authentication-passwordless-faqs#fido2-security-key-sign-in-isnt-working-for-my-domain-admin-or-other-high-privilege-accounts-why
A late one for this release of ‘from around the web’ after being on holiday for the last week – as the case always seems to be I’ve come out of the sun quite red. This week we have another step in the right direction to getting rid of passwords, some helpful templates for building a first config for a Palo Alto Networks Next Generation Firewall and an interesting (short) review of the Hubitat home automation hub.
New Azure Active Directory capabilities help you eliminate passwords at work
It’s been promised by Microsoft (and some others) for quite some time and it looks like another leap in the right direction has been made. With FIDO2 and devices like the YubiKey password less login on Windows 10 Azure AD domain joined devices is happening. Be sure to watch the video at the bottom of the page!
iron-skillet
All the options within a PAN NGFW can seem quite daunting and while the out of the box settings for security policies will help they are far from best practice. That’s where the IronSkillet comes in handy to take some of that pain away and give you a serious starting point.
Smart Home Hub – Hubitat Review
For the people who don’t have the time (or know how) to invest in something like Home Assistant but aren’t up for relying on a connection to the ‘cloud’ for home automation then Hubitat may well be for you. I’ve been exploring home automation for quite some time (at the moment using LIFX and HomeSeer) and may well consider looking into Hubitat some more if/when I decide to expand on it.
Today I had the pleasure of presenting at the Oxford ICTF Conference on Multi-Factor Authentication and Password Stores with Smart Cards and YubiKeys, the video recording is online now here – https://youtu.be/WGtCxS2YFNA and the presentation can be downloaded through the link below.
A special shout out goes to the Yubico press office for providing a set of YubiKey 4s, YubiKey NEOs and Security Keys which helped fuel a very lively Q and A session!
Presentation.pdf (5.5 MiB, 3,573 hits)