identity
3 posts tagged identity.
-
The Twenty-Year Local Admin Password Crisis: From GPP cpassword to Windows LAPS
Microsoft published the AES key that "protected" Group Policy Preferences passwords. Twelve years later, MS14-025 still has not deleted the artefacts. Here is how Windows LAPS finally fixed the architecture -- and what it still cannot solve.
-
Agentic Identity on Windows: When the Process Acting on Your Behalf Isn't You
Every AI agent on Windows in 2026 runs as the logged-on user. The cloud-identity layer has crossed the agent-attribution gap; the OS layer has not. This article maps the FIDO AATWG pillars onto Windows primitives and asks what is missing.
-
Inside the Primary Refresh Token: The Cryptographic Seam Between Windows Logon and Microsoft Entra ID
How one TPM-bound JWT issued at first sign-in bridges Windows logon and Microsoft Entra ID -- and how Pass-the-PRT taught Microsoft to bind the derivation to the message.