It’s very useful if you don’t use a password manager and/or reuse passwords.
The most useful part about it to me is the API. You can tie in to Active Directory to blacklist all hashes that appear in any breach, plus expire/force a password change if any user on your domain uses a password that has been in a breach. It completely eliminates that vector from threat actors immediately.
The most useful part about it to me is the API. You can tie it in to Active Directory
This trick alone makes my Lemmy addiction pay off. Thanks for even suggesting such magic is possible. Adding that as a task after my samba-AD rebuild this very f’n week.
Is this really that useful though?
I pretty much just assume that I’m getting pwned regularly.
Obviously the password manager advice is very useful.
It’s very useful if you don’t use a password manager and/or reuse passwords.
The most useful part about it to me is the API. You can tie in to Active Directory to blacklist all hashes that appear in any breach, plus expire/force a password change if any user on your domain uses a password that has been in a breach. It completely eliminates that vector from threat actors immediately.
So yeah, I would call this intensely useful.
This trick alone makes my Lemmy addiction pay off. Thanks for even suggesting such magic is possible. Adding that as a task after my samba-AD rebuild this very f’n week.
👍