From the department of head scratches comes this counterintuitive news: Microsoft says it has no plans to change a remote login protocol in Windows that allows people to log in to machines using passwords that have been revoked.
https://arstechnica.com/security/2025/04/windows-rdp-lets-you-log-in-using-revoked-passwords-microsoft-is-ok-with-that/
Dan Goodin
npub1z3…8qvzu
2025-04-30 18:48:37 UTC
Author Public Key
npub1z3lwfekw80j4ngzg6ky3ks202xr6uwnd4jttxzsd4euc9l55euvq48qvzuSeen on
wss://relay.momostr.pinkPublished at
2025-04-30 18:48:37 UTCEvent JSON
{
"id": "9b5485e2fdb938ad135ffa82d55d6af741b8f6eb73e04242b8d68cbc6bea32a6",
"pubkey": "147ee4e6ce3be559a048d5891b414f5187ae3a6dac96b30a0dae7982fe94cf18",
"created_at": 1746038917,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/@dangoodin/114428406486599358",
"web"
],
[
"proxy",
"https://infosec.exchange/users/dangoodin/statuses/114428406486599358",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/dangoodin/statuses/114428406486599358",
"pink.momostr"
],
[
"-"
]
],
"content": "From the department of head scratches comes this counterintuitive news: Microsoft says it has no plans to change a remote login protocol in Windows that allows people to log in to machines using passwords that have been revoked.\n\nhttps://arstechnica.com/security/2025/04/windows-rdp-lets-you-log-in-using-revoked-passwords-microsoft-is-ok-with-that/",
"sig": "f5651a53e1162efbcffe80ec09e4d6046a2242f268a668e01d952488de1986aa0ddf622a736e444d0d50ff7223edd9818af8a6d71ac0cb0005013158954cced4"
}