HTTPS subdomain to HTTPS domain

Image

Moderators: Admiral of the Fleet, Vice Admiral

User avatar
0verzeal0us
Posts: 1883
Joined: Tue Oct 23, 2018 8:29 pm
Location: Hertfordshire
Contact:

Re: HTTPS subdomain to HTTPS domain

Post by 0verzeal0us » Wed May 26, 2021 1:41 pm

I wouldn't use WP but again, I'm cheap and £1 for a domain with hosting is good value.

I could host a non-WP site myself but I'm not keen on poking holes (even VPNs) in my home network if I don't have to. You'll be pleased to hear that I have a single user with a 72-character password with MFA. The user is also NOT administrator.
I am Autistic which means communication can sometimes be difficult for me. If you would like to know more about Autism, please click here.
Image

darkdeamon
Posts: 300
Joined: Tue Oct 23, 2018 6:16 pm

Re: HTTPS subdomain to HTTPS domain

Post by darkdeamon » Fri May 28, 2021 6:28 am

That's more paranoid than me.
I hold the 365 global admin account at work and that's a 32 character passphrase plus MFA (I can remember it and don't store in my password manager 😜🤣)
My Google Auth app has over 40 authenticators and I have an encrypted password protected folder with all the backup codes
Lording it over the plebs and putting my hacks on your PC by many devious methods

User avatar
0verzeal0us
Posts: 1883
Joined: Tue Oct 23, 2018 8:29 pm
Location: Hertfordshire
Contact:

Re: HTTPS subdomain to HTTPS domain

Post by 0verzeal0us » Fri May 28, 2021 8:40 pm

Well someone is trying to log in so I thought I’d fuck them off by giving them the most ridiculous password ever!
I am Autistic which means communication can sometimes be difficult for me. If you would like to know more about Autism, please click here.
Image

darkdeamon
Posts: 300
Joined: Tue Oct 23, 2018 6:16 pm

Re: HTTPS subdomain to HTTPS domain

Post by darkdeamon » Sat May 29, 2021 2:18 pm

We are running hybrid 365 and still have a few hundred users running on the on-premise that are either awaiting migration (1 company left but they are a problem child) or the companies are winding up so there's no point migrating them.
We are seeing anything between 500-4000 brute force attempts per day against the remaining accounts. It's crazy!
As for the 365, we're having to roll out MFA to protect the users accounts which is going down like a case of the shits in a crowded lift!
Lording it over the plebs and putting my hacks on your PC by many devious methods

User avatar
0verzeal0us
Posts: 1883
Joined: Tue Oct 23, 2018 8:29 pm
Location: Hertfordshire
Contact:

Re: HTTPS subdomain to HTTPS domain

Post by 0verzeal0us » Sat May 29, 2021 5:23 pm

We use Duo for remote desktop (just because you only have to sign in once) but then we haven't migrated many users into Azure AD. When we do, we'll use Microsoft Authenticator. Our insurers have said we need to have Duo for our admin accounts which is fine except they insist that we use it whilst on prem too.
I am Autistic which means communication can sometimes be difficult for me. If you would like to know more about Autism, please click here.
Image

Post Reply