Nieuw leesvoer!

OSINT challenge

Microsoft has just announced plans and timings for requiring MFA across various management portals. learn.microsoft.com/entra/identity…

My biggest question is: Will MFA registration be enforced, or are you locked out if you did not register in time? If registration is enforced, we should put more time into securing the registration process......

Mandatory MFA is coming to Azure, and it is coming fast! Be prepared! janbakker.tech/all-you-need-t…

After reading this book, I discovered a predictable voucher API from one of the museums I visited 😃 I just reported it. Now we are waiting for the bug bounty. It is probably a free ticket for a revisit that I could order a thousand times myself 🤣

Cool! Connect-AzAccount -Identity 😎

I'll leave this here. Someone at Microsoft HQ, please fix the Entra portal. The entire Graph API response is dumped into the address bar when I click on of my authentication methods. It's been months, but nobody seems to care........

To protect your break-glass emergency accounts, FIDO2 keys are the best choice (in most cases). As most FIDO keys allow easy PIN like 1234 or 8888, I'm a big fan of the Token2 R2 keys. They have firmware-based complexity settings that block easy PIN. And they are really

I love the new wizard for Logic Apps. It makes it clear that consumption-based is always multi-tenant and does not come with VNET integration.

Kijk aan. Laten we daar een voorbeeld aan nemen. Ping Zsolt Szabó

I just sent out this week's Entra newsletter. Featuring Tony Redmond, Daniel Bradley, Fabian Bader, Jan Bakker, Rory Braybrook, Shehan Perera | MVP, @sskotheimsvik, Welka's World, Thomas Naunheim, The Identity at the Center Podcast, Ru Campbell and more! → entra.news

I gained three pounds during my vacation, but I had a great time with my family. Now back to work and plain youghurt!

Q about RSVP in Outlook/Teams/ExO: What happens when you untick the box and Accept or Decline? My mind hurts.......

Just curious. How do you manage device code flow? Do you allow it for all, or just a small group? How do you manage that? Static group, or PIM? Do you allow it from all devices?

This is one of many examples I'll be covering with Adam Gross [MVP] - ASquareDozen.com at MMS in October 🔥 mmsmoa.com/mms2024fll Entitlement management is a hidden gem that can really drive "secure by default" initiatives Access Packages provide lots of flexibility for these types of use cases :)

By default, administrator accounts are enabled for self-service password reset. The SSPR administrator policy doesn't depend upon the Authentications method policy. For example, if you disable third party software tokens in the Authentication methods policy, administrator

Good morning!

Note to myself. Don't order shit on shady webshops.