Posts

Introducing a new Microsoft identity solution which holds the answer to a longstanding need for a parent and guardian identity provider in schools.

CISA’s Bob Lord coined the term ‘hacklore’ for ‘cybersecurity folklore’, the stories we tell ourselves and others about the nature of technological risks and ways to avoid them that are grounded in fear rather than fact, rumour rather than evidence, antiquity rather than the present day. I see this everywhere, even in high-end corporate ‘cyber awareness’ programmes. Beware of charging your phone from a public USB socket, beware of accepting browser cookies, beware of updating devices on untrusted networks and so on....

It’s been an incredibly long time coming but at last I have a working proof of concept for an end-to-end entirely cloud-based enterprise wireless network.

Modern security and wifi standards say we have to move to certificates but that’s a tall order for many, particularly if we need to replicate the user-level identification of a humble password.

Updating the old ghost computer account sync script to get NPS working with Azure AD / Entra-joined devices again, but it’s a last gasp.

Presenting some ideas about how we can enforce more secure authentication methods without locking out users that don’t have them yet. Featured in Entra News!

Resurrecting a bit of troubleshooting technique from the golden age of email.

A maddening bug in Exchange that will probably never be fixed, but at least I’ll show a workaround.

A lack of mobile support for FIDO2 auth and Passkeys from Microsoft is hampering widespread adoption but some limited use cases can bring immediate benefit to securing high-risk activities.

We’re not doing well enough at communicating the need for better authentication or providing simple means for its widespread adoption.