Transcript
Paul Thurrott (0:00)
Coming up next on Hands on Windows, we're going to take a look at the Microsoft Password Manager. This is the Microsoft Password management solution, of course, and it's sort of built into Windows 11.
Leo Laporte (0:13)
Podcasts you love from people you trust. This is twit.
Paul Thurrott (0:22)
Hello everybody and welcome back to Hands on Windows All Thurad. And we're continuing the two parter that I'm doing here about password management and Windows 11. So last week we looked at third party password managers and just password managers in general, the basics of setting up or moving to a new one, the necessity of getting rid of your passwords from your other password managers, all that kind of stuff. So this week, bring it back home a little bit. We will look at what password management looks like in Windows 11 and it doesn't look like much because Windows 11 itself, the actual operating system, does not have built in password management capabilities. You may remember that it does have built in password management capabilities. But for. I'm sorry, I want to make sure I got that right. Built in passkey management capabilities, but for passwords or really identity management. Right. As we discussed last week, Microsoft relies on the Microsoft Password Manager which is built into Microsoft Edge, the web browser. So as with Chrome, if you go in here, and in this case it is passwords in autofill, you can see this link for the Microsoft Password Manager. Now I don't normally use this, I use a third party password manager, but I have used this in the past, which you can see because I have all these accounts still sitting here like an idiot. Exactly what I'm telling you not to do. And I have put everything kind of back together again, if that makes sense. Normally I disable all this. If you're going to not use this but still use Edge, you should go into all three of these and turn off all the options related to auto filling your information. Right? But I've turned them back on so that Edge will kind of work as if not God. Then at least Microsoft intended. So now it will ask to save passwords and pass keys. Those pass keys will actually be saved to the local device, which isn't super great, they're not super portable, but it will, it will do that for you. Okay, so this is configured, you know, correctly in Microsoft's Dare the World. And again, not what I would do. But after this break, we'll take a look at what it means to actually use this thing in Windows 11.
Leo Laporte (2:40)
Hey, Paul. Hey everybody. This episode of Hands on Windows brought to you by this baby right here. This is the thinkst Canary. This thing is dynamite. Look at it. What do you think that is? Is that an external USB drive? It's about that size, but you know what? It's not. See that? That's an ethernet jack. Because this, this goes on your network. This is a honey pot. This thing's Canary Honeypot. It's so well designed, it can be deployed in minutes and it can represent almost anything under the sun. A Linu, a SharePoint server, Windows Server. It could be. Well, it could even be a SCADA device. Or mine's a Synology nas. It could be an SSH server. The key is it looks identical to those things right down to the Mac address, but it's not. If somebody accesses a malicious insider or a hacker in your network accesses this thing, you're going to know instantly. It could also create files. This is really cool. Little trip wires, lures you can put everywhere inside your network. You can put them on your cloud drives and if somebody tries to open them, they can be spreadsheets. I have a spreadsheet on my Google Drive called payroll information. Hackers look for those. That's a good one. It could be a wire guard configuration. Be almost anything. But the minute somebody opens those files or accesses your brute forces, your fake internal SSH server, your thinks Canary is going to tell you you have a problem. No false alerts, just the alerts that matter. You can get them via email. Slack, it supports webhooks. You could have it in your discord. You could have it anywhere you want. Syslog. Of course, on your console you just choose a profile for your thinkscanary device. So easy to do, you could change it daily if you want, register with the hosted console for monitoring and notifications, and then you sit back and wait. An attacker who's breached your network, an evil made any adversary will make themselves known. They can't but help it. This is what they're looking for. They're looking to get into that key file with all that information. They access your things. Canary, you're going to know. Now, how many should you get? Well, you certainly should have one for every network segment. You should have one for every branch office. A large bank might have hundreds or thousands of them. Small operation like ours, just a handful. Let me give you an example. Go to Canary Tools Twit if you wanted five thinks Canaries, one for every network segment, every VLAN, $7,500 a year. You get your own hosted console. You get upgrades, you get support, you get maintenance. All that's covered. Oh, and One other thing. If you use the code TWIT in the how did you hear about us? Box, you're going to get 10% off your thinkscanary. And not just for the first year, but for as long as you own it. Here's another good thing. You can always, you know, if you're at all worried and at all skeptical, whatever, you can always return your thinkscanary. You've got two whole months a 60 day money back guarantee and you'll get a full refund. Now, I have to tell you, that might be reassuring, but during all the years, almost a decade now that we've partnered with thinkscanary, that refund guarantee has never been claimed. No one's ever asked for their money back. Because once you get one of these, you're going to say, how did I live without it? Visit Canary Tools Twit Enter the code TWIT in the how did you hear about us? Box. The Thinkst Canary Canary. Forget the offer code twit to save 10%. Now back to Paul at Hands on Windows.