Wednesday, July 3, 2024
Latest:
NETWORK ADMINISTRATIONSWindows serverwindows server dhcp

VLOG Thursday 369: Bitlocker Bypass, Bitwarden Passkeys, Some News, Home Lab, Tech Talk Live Q&A

Business Technicalities Channel
https://lawrence.video/biz

https://www.linkedin.com/in/lawrencesystems/

Connecting With Us
—————————————————
+ Hire Us For A Project: https://lawrencesystems.com/hire-us/
+ Tom Twitter 🐦 https://twitter.com/TomLawrenceTech
+ Our Web Site https://www.lawrencesystems.com/
+ Our Forums https://forums.lawrencesystems.com/
+ Instagram https://www.instagram.com/lawrencesystems/
+ Facebook https://www.facebook.com/Lawrencesystems/
+ GitHub https://github.com/lawrencesystems/
+ Discord https://discord.gg/ZwTz3Mh

Lawrence Systems Shirts and Swag
—————————————————
►👕 https://lawrence.video/swag

AFFILIATES & REFERRAL LINKS
—————————————————
Amazon Affiliate Store
🛒 https://www.amazon.com/shop/lawrencesystemspcpickup

Ubiquiti Affiliate
🛒 https://store.ui.com/?a_aid=LTS

Gear we use on Kit
🛒 https://kit.co/lawrencesystems

Try ITProTV free of charge and get 30% off!
🛒 https://go.itpro.tv/lts

Use OfferCode LTSERVICES to get 5% off your order at
🛒 https://lawrence.video/techsupplydirect

Digital Ocean Offer Code
��� https://m.do.co/c/85de8d181725

HostiFi UniFi Cloud Hosting Service
🛒 https://hostifi.net/?via=lawrencesystems

Protect you privacy with a VPN from Private Internet Access
🛒 https://www.privateinternetaccess.com/pages/buy-vpn/LRNSYS

Patreon
💰 https://www.patreon.com/lawrencesystems

CHAPTERS:

source

by Lawrence Systems

windows server dhcp

You May Also Like

How to buy a Hosting Task Package in || DPS 4 Hosting || HitzProLtd

.NET CORE tutorials || Demo – 1 || by Mr. Ahmed Shareef On 30-05-2024 @6PM IST

MCSA Windows Server 2016 (70-740) Course – learn Microsoft 70-740

Alice AUSTIN

11 thoughts on “VLOG Thursday 369: Bitlocker Bypass, Bitwarden Passkeys, Some News, Home Lab, Tech Talk Live Q&A

  • 11:26 having a passkey stored in Bitwarden is no different security wise from having a TOTP code stored in Bitwarden. Passkeys were designed to be used on a single device, so 2FA was built in (you need both the passkey and the device). Once you save a passkey on a password manager it becomes single factor since any breach of the password manager gives access to the passkey without a second factor.

  • The most annoying about bitwarden passkey is that they can't be disabled… It always pops up before my yubikey gets addressed.

    It's similar with hello windows… Had a hard time to couple my yubikey with some sites.

    There is a lot to improve with passkeys

  • Where would I sign up for your newsletter?

  • I wanted to ask Tom about inter VLAN routing. You can restrict traffic with rules in pfsense but what if you have a clever managed switch, like a Qnap or Mikrotik with hardware accelerated packet switching, including vlans. Do you lose the ability to process rules on pfsense because the switch is allowing the packets to move between VLANs, or does the switch only transfer packets to the same VLAN? I'm thinking the switch, separate from pfsense, probably only moves packets between ports on the same vlan, and any packets from vlan a to vlan b would go via pfsense. Can anybody confirm. Could this be a useful teaching video. I have both Qnap 2.5g and Mikrotik 2.5g switches but I want to make sure IoT traffic cannot get to other vlans.

  • On the question of TOTP in Bitwarden…

    First I use a ridiculously long, randomly generated password that I couldn't tell you even under the threat of death. I store the password offline in a couple secure places (primary, backup). Second, my Bitwarden second factor is a Yubico key. Excepting a massive vulnerability in Bitwarden, you're not getting into my vault without my master password and the (physical) Yubico key.

    Ergo, excepting a few high value accounts that I use the Yubico key for, I store all my TOTP in Bitwarden and I sleep fine at night.

    The one thing that I do that is a "risk" because I don't use a master password that I remember, is I set the timeout to never on systems that I use. This is a compromise in convenience vs. security, but I know every device that my BW is on, and I use drive encryption and strong passwords on those devices. Devices such as my phone would require you to have the ability to unlock my phone first and also unlock BW with Face ID. If a device is ever lost/stolen I can invalidate the sessions.

  • RE: Truenas Scale, I've had issues with App status not updating, especially when doing bulk updates. Otherwise it may be a session timeout.

  • I have two U6 enterprises and every time they do a firmware update I seem to have factory reset them and then readopt. It's very weird. All I can say is I'm glad they're not up stupid high and are easy to access.

  • It's important to note that modern devices shipped in the past 5yrs are no longer vulnerable to this Bitlocker attack as they feature firmware TPMs not discrete TPMs.

  • Combine passkeys with TOTP or yubikey and it is more secure than password + TOTP

  • The bit locker bypass was so amazing that it even appeared in the news

Comments are closed.