Microsoft said last year that it wants to improve authentication security by eventually killing off NTLM sometime in the future. Today, the company has announced the deprecation of the feature.
Authentication RSS
Microsoft confirmed yesterday that a VPN bug is affecting Windows 10 and 11, as well as Servers. Alongside that, the company has also confirmed that Server systems are also having NTLM traffic spikes.
Google announced that its Passkeys authentication tech has been used over one billion times in less than a year. Passkeys eliminate the need to use complex passwords and are about 50% faster.
WhatsApp is finally bringing support for passkeys on its iOS app, the company announced on X. Passkeys allow for password-less and secure authentication using methods like Face ID and Touch ID.
Microsoft's LinkedIn is expanding identification verification to 16 more countries as it tries to reach its 2025 goal of getting 100 million people verified. Verification helps build trust.
_medium.jpg)
Microsoft has made an important change in recent Windows 11 Pro Insider Preview builds by disabling SMB guest authentication fallbacks by default. This has been done to improve the security of the OS.
Microsoft has enabled a preview feature by default in the latest Windows 11 Dev Channel build 25206. It is related to improving the security of SMB NTLM authentication and reducing attack surfaces.
Microsoft has detailed some new capabilities that have been added to its Windows Autopatch service for enterprise customers recently. The headlining feature is application-based authentication.
Microsoft has once again informed customers that it is deprecating Basic Auth for many Exchange Online protocols starting from next month. However, tenants will be able to bypass it temporarily.
_medium.jpg)
Google Workspace customers integrating Google Calendar and Exchange Online have been urged to make a configuration change before Microsoft disables an old authentication mechanism in October.
Microsoft has released multiple OOB updates which fix an issue that was introduced with the latest May Patch Tuesday. The bug was leading to auth failures on domain controlled servers and clients.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is no longer recommending the installation of May Patch Tuesday updates on Domain Controllers because of authentication issues.
Microsoft has reminded organizations that it is deprecating Basic Auth for most protocols in Exchange Online in October 2022. The disabling process will be randomized so it's best to be prepared.
Microsoft has released a new Windows Server preview build 25075 today to Insiders. The new build brings an SMB NTLM authentication limiting feature that makes brute-force exploits very challenging.
Microsoft has enabled the authentication for autofill toggle on Edge Dev for Android, bringing it a step closer to being made available for all people who choose to run Microsoft Edge on Android.
A security team has issued an advisory about an apparent design flaw which allows single-factor brute-force attack on Azure Active Directory. However, Microsoft says that this is by design.
Microsoft has formally announced the death of passwords, at least on its services. Starting today, you can completely remove a password from your Microsoft account and use alternate methods instead.
_medium.jpg)
Instagram has rolled out a new feature that allows you to restore recently deleted photos and videos or permanently remove content from your account, provided you verify your identity first.
Microsoft has announced the general availability of email OTP for better B2B collaboration. Guest users will be allowed to access resources without Azure AD, a Microsoft account, or Google federation.
While users of Office 365 for business and education have had to use the service-specific portal to sign in, they will soon be able to kick off the authentication process via Outlook.com instead.
Microsoft has collaborated with the FIDO Alliance to offer a new Windows Hello FIDO2 Security Key feature. Currently, this feature is in limited preview with no timeline for a wider rollout available.
According to a new report, Microsoft may be looking to make Windows Hello authentication faster on Windows 10 Mobile devices, by removing a rather useless "winking" animation in the Creators Update.
As TechEd continues, we are learning more and more about what to expect in the upcoming version of Windows 8. Today, Microsoft went into details discussing their plans for biometrics.
A few screenshots of Microsoft Account settings have leaked that indicate the presence of two-step authentication, while an Authenticator app is already available in the Windows Phone Store
Barclays is to use two-factor authentication for the first time in an effort to prevent fraudsters plundering bank accounts. The bank's PINsentry devices will be sent free to half a million customers later this year...
Yahoo Inc. is putting its e-mail authentication method into action. On Monday, the Sunnyvale, Calif., company will begin to support its DomainKeys cryptographic approach for Yahoo Mail, one of the largest Web-based e-mail services in...
Security and billing applications maker VeriSign said Wednesday that it established a new partnership with Microsoft to build authentication services based on the software giant's Windows Server 2003 product line. VeriSign says...
Microsoft Metadirectory Services (MMS) is a centralized metadirectory service that provides connectivity, management, and interoperability functions to help unify fragmented directory and database environments. It enables enterprises to link together disparate data repositories such as...
Thanks xStainDx and everyone who sent us an email about the heads up on this. Date: 22 May 2002 Impact: Elevation of Privilege Max Risk: Critical Affected Software: ...
