Edge Password Vault, SSO, Domain Admin Creds
Blue Security - Un pódcast de Andy Jaw & Adam Brewer - Martes
Categorías:
Summary In this episode, the hosts discuss the Edge password vault and its pros and cons. They highlight the ability to sync passwords to an enterprise ID and the encryption of passwords on the disk. However, they also mention limitations such as the lack of MFA support and the inability to share passwords. The conversation then shifts to best practices for IT admins, including the separation of roles and credentials and the use of password managers. The hosts also emphasize the importance of implementing single sign-on and federating SaaS apps to improve security. Takeaways -The Edge password vault offers convenient password syncing to an enterprise ID and encryption of passwords on the disk. -However, it lacks features such as MFA support and password sharing, making it less suitable for enterprise use. -IT admins should separate roles and credentials, implement single sign-on, and federate SaaS apps to improve security. -Password expiration policies should be reevaluated, as it is no longer necessary to change passwords every 90 days. ------------------------------------------- Youtube Video Link: https://youtu.be/YLIUq5soGhs ------------------------------------------- Documentation: https://learn.microsoft.com/en-us/deployedge/microsoft-edge-security-password-manager-security https://learn.microsoft.com/en-us/entra/identity/users/users-sharing-accounts https://twitter.com/thetomzone/status/1760833981904228508?t=wVpJpdH7u2mDZZDEtx3bMg https://twitter.com/techspence/status/1761034174331535802?t=wVpJpdH7u2mDZZDEtx3bMg ---------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Threads: https://www.threads.net/@bluesecuritypodcast Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Mastodon: https://infosec.exchange/@ajawzero Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: [email protected] ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: [email protected]