pimterry@lemmy.world to Cybersecurity@sh.itjust.works · 10 months agoBitwarden Heist - How to Break Into Password Vaults Without Using Passwordsblog.redteam-pentesting.deexternal-linkmessage-square6fedilinkarrow-up148arrow-down18
arrow-up140arrow-down1external-linkBitwarden Heist - How to Break Into Password Vaults Without Using Passwordsblog.redteam-pentesting.depimterry@lemmy.world to Cybersecurity@sh.itjust.works · 10 months agomessage-square6fedilink
minus-squareironeagl@sh.itjust.workslinkfedilinkarrow-up9·10 months agoSo if I understand correctly, if the user had enabled Windows Hello, then there is an (intended) “backdoor” access to Hello credentials by the Domain Admin? And this has now been resolved by Bitwarden because Microsoft says it was intended behavior.
So if I understand correctly, if the user had enabled Windows Hello, then there is an (intended) “backdoor” access to Hello credentials by the Domain Admin? And this has now been resolved by Bitwarden because Microsoft says it was intended behavior.