In my work on the practical implementation of Password Rotation without Privileged Authentication Administrator, I stumbled upon a somewhat extensive challenge. When trying to use PowerShell to sign in to the Graph API using username + password, I couldn’t find a combination in the PowerShell SDK. The only method would be ClientID + Secret –... » read more
Shouldn’t there be huge demand for an alternative to passwords? The frequency of phishing attacks is constantly increasing, and even bypassing multi-factor authentication is becoming more common (Evilginx says hello). Maintaining and using password managers is also not a pleasant task – so why do we, as the first security measure, use our fingers to... » read more
Raising the Curtain There are some things that regularly bother me – for example, I often wonder how all the Entra ID API rights demanded by applications are justified. I have spent quite some time with the Privileged Access Management piece – but let’s not get ahead of ourselves, first let’s get to know our... » read more