For a very long time, the update mechanism for both Windows clients and Windows servers have been the same. With Windows 8 and Windows Server 2012 this has changed.
Even though I’d already found out that something had changed with the Windows 8/Windows Server 2012 update mechanism by using it, I didn’t really know what changed and why.
- Windows 8 Modern (Metro) Apps security patching does not work the same as regular security patching. For more information, read “Microsoft’s new security patching routine raises concerns“.
- Default behavior after you install an important update in Windows 8 or in Windows Server 2012 is that you receive a notice that you have to restart the computer in three days. If the restart does not occur in three days, the computer displays a 15-minute countdown and then automatically restarts. By default, this automatic restart is delayed if the computer is locked, and the countdown will begin the next time that you sign in to the computer. Update KB2835627 has been released that introduces a new registry key called AlwaysAutoRebootAtScheduledTime which enables you to configure a forced restart after installation if desired.
- This great blog post provides more insight: “Managing Updates with Deadlines in an era of Automatic Maintenance“. The reactions are also very interesting.Some of the key takeaways from this post:
- A new feature called Automatic Maintenance, runs nightly and performs various tasks such as lightly defragmenting hard drives (or TRIMming SSDs if necessary), checking, repairing, and optimizing the system component store, running anti-virus scans, installing updates, and more.
- The setting for when to download and install updates doesn’t work in the same way as it did. While you can still set Windows Update to download updates and install them automatically or not, the day-of-the-week setting is not effective. It is included in the automatic maintenance and there isn’t a way to individually specify which maintenance tasks run on which day.
- The Windows Update Agent doesn’t have to be active in the background all the time because of this. This consolidation reduces system resource usage and battery usage.
- If you want to be in control of when updates will be installed you have to use WSUS and set deadlines for updates.
Even though I understand the reasoning behind the change, I would have preferred that Microsoft gave customers options to choose their preferred method. In my opinion this method makes sense for clients, but not so much for servers.
Also for some (smaller) companies the specific day and time patching method (including downloading from Microsoft Update) worked fine and now they might have to install, configure and maintain a WSUS server (including patch approvals) to achieve the same result.
What do you think about this ? Leave a comment on either my blog or on the original blog post : Managing Updates with Deadlines in an era of Automatic Maintenance
Like this:
Like Loading...
Tags: ICT, Metro App, metro application, Microsoft, Modern App, modern application, patching, security, update, Update Management, Update Services, updates, Windows, Windows 2012, Windows 2012 Server, Windows 8, Windows Server 2012, Windows Server Update Services, WSUS
As some of you might know, the Windows 8.1 Preview and Server 2012 R2 Preview (code name Windows Blue) will become available on the 26th of June. Personally I’m looking forward to both of them and can’t wait for it. Also for those who missed it, The Windows 8.1 / Windows RT 8.1 update will be free. The final RTM version of Windows 8.1 is expected to be available August 1st.
When you’re planning to install a new version, you might want to prepare for it. Even though I tried to keep it as generic as possible, some of the steps described are not applicable to Windows RT but you should be able to understand what the goal is. You can probably also re-use these preparations when you want to update from the Preview version to the RTM version.
Preparations could include, but are not limited to:
- Determining if you can/want to install the update.
- Determining how you are going to run the Windows 8.1 Preview. Some functionality is best tested on hardware installations, but virtualized installations can be more convenient/flexible.
- Virtualized (by example using Client Hyper-V)
- Install Windows 8 already and wait for the 8.1 Preview to become available.
- Will consume more space.
- Will allow you to install the 8.1 RTM.
- Wait for full Windows 8.1 Preview ISO to become available.
- Will consume less space.
- Might not allow you to install the 8.1 RTM version.
- Physical
- Create a new Windows To Go (WTG) installation.
- On an officially supported WTG certified storage device.
- On an unofficial non WTG supported storage device.
- Create a dual/multi boot environment on a physical disk.
- Create a new installation.
- Gather required drivers and store them in an easy to access location.
- Gather applications you want to install.
- Install.
- Installation directly to disk.
- Use the boot from VHD method
- Update your existing installation.
- Ensure your important data is safe prior to updating. Even though the update should not destroy data, there is always a chance that it might.
- Ensure you have recovery media and/or create a USB recovery drive.
- Move/backup your data.
- Verify if the new location / backup contains all your data. With backups, verify if you can restore
- Sync to cloud services (Skydrive, Dropbox, Google Drive).
- Realize this is not the same as a backup.
- Document the installed applications (using PowerShell):
- For Modern/Metro applications:
Get-AppxPackage | Export-Csv -NoTypeInformation -path “C:\MyMetroApplications.csv”
- For regular applications:
Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Select DisplayName, DisplayVersion, Publisher, InstallDate, HelpLink, UninstallString | Export-Csv -NoTypeInformation -path “C:\MyRegularApplications.csv”
- Check if your current Windows 8 installation is healthy and if it is not, make it healthy again before installing the 8.1 Preview.
- Install 8.1 Preview when it is available through the Windows Store
- In the past I’ve seen issues with Service Pack updates caused by anti-virus solutions. So you might want to disable it until the installation has completed.
- If you get an error “The windows 8.1 preview isn’t available right now. Please try again later.” take a look here.
With TechEd Europe 2013 in Barcelona and the Microsoft Build 2013 in San Francisco this week there’s probably a lot more news coming. So you might want to keep an eye on news on all websites. You can also check live streams on Channel 9.
I hope this was informative. If you have any other questions, suggestions or just want to share what you’re looking forward to the most, please leave a comment.
Like this:
Like Loading...
Tags: appx, Build, Channel 9, channel9, Computex, disk cleanup, DISM, ICT, Metro, metro application, Microsoft, modern application, New in Windows 8.1, Outlook 2013 RT, preparation, preparations, Preview, requirements, security, teched, treesize, treesize free, what's new in Windows 8.1, Wikipedia, Windows, Windows 8.1, Windows 8.1 Preview, Windows To Go, WTG
Nowadays more and more work, communication and collaboration involves multiple external parties. This can involve by example employees, customers, partners, suppliers, cloud providers/platforms/applications.
This means it is becoming increasingly important to have proper authentication and authorization methods in place for single sign on (SSO) so users can be more productive. Besides the ease-of-use It can also lead to better security.
Microsoft’s Active Directory Federation Services (ADFS) will make this possible. For more information on ADFS, here are some resources. Keep in mind though that while some information may be outdated, it will give you a broad idea of the concept and the inner workings. The current version of ADFS in Windows Server 2012 is 2.1 , while Windows Server 2008 uses 2.0
PS: Microsoft is moving more and more towards claims based authentication. Examples include Windows Server 2012 Dynamic Access Control and also SharePoint 2013 that has switched to claims based authentication by default now.
If you have some other resources that might be useful, please let me know so I can add them as well.
Like this:
Like Loading...
Tags: Access control, Active Directory, Active Directory Federation Services, ADFS, ADFS 2.0, ADFS 2.1, authentication, authorization, Azure, Cloud, configure, configuring, Deploy, deploying, Dynamic Access Control, federated identity, ForeFront UAG, IAAS, ICT, jump start, Microsoft, Microsoft Intune, Office 365, PKI, plan, security, Sharepoint, Sharepoint online, singe-sign-on, Single Sign On, SSO, Technet, Threat Management Gateway, TMG, UAG, Universal Access Gateway, virtual lab, Windows Azure, Windows Server 2008, Windows Server 2012
As I already wrote in yesterday’s post Apple – Notes / summary for the “Mac Integration Basics 10.8 Exam”, I’ve mainly been working with Microsoft products all my life. Since recently however, I’m also trying to get more familiar with Apple, Mac products and OS X and am trying to become certified.
One of the reasons, I’d never used Apple products before was because I never really deemed it necessary. Nowadays the number of Mac users seem to be growing and there is more demand for people with Mac / OS X knowledge.
As such my quest for knowledge and certification began. For me personally this meant:
- Using Apple online resources
- Reading books (mainly the great book Apple Pro Training Series: OS X Support Essentials. Before purchasing, you might also want to look for coupon codes as it might save you 30% off or more.)
- Watching computer based training (CBT) videos
- Working with OS X (thanks go out to my employer Open Line for providing me with a MacBook Pro, books and most importantly … TIME)
- Personally I didn’t think it was necessary to take a course at a training center, but some people might prefer this.
- Asking colleagues for help (thanks guys !!!)
- Making sure that I understood everything and if it wasn’t the case, look it up.
- Taking notes / creating this summary blog post that can be used as a reference if needed
- Testing my knowledge using test questions from Revise IT
I’ve taken the exam last friday and passed with 92.5%. Even though I think it was a pretty good score, I still had to make some educated guesses. This made me realize that there’s still a lot to learn and that getting more experience is important as well.
I also want to mention that I took the exam at LAI the training institute for IT professionals in Schiedam (The Netherlands). They were really kind, helpful and service oriented. The waiting area and test room were great and they even provided a pastry and all kind of drinks at no charge. This has been my best test taking experience to date, so keep up the good work guys.
I’m looking forward to attending the OS X Server 10.8 course at LAI the training institute for IT professionals at the end of March. I’ll try to create another blog post about this as well.
But now back to the important stuff, here are my notes/summary. I hope it is useful. If you find any errors or have any suggestions, please leave a comment.
Notes / summary for the “OS X Support Essentials 10.8 Exam”
Read the rest of this entry »
Like this:
Like Loading...
Tags: .mobileconfig, .Spotlight-v100, .spx, 32-bit, 64-bit, 802.1X, About this Mac, Access Control Entries, Access Control Lists, accessibility, ACE, ACL, ACSP, ACTC, Active Directory, Activity Monitor, AD, ad-hoc, ad-hoc network, Address Book, Address Resolution Protocol, address space layout randomization, Administrative user, advanced search, Advanced Technology Attachment, AES, AFP, AFP 2, AFP 3.1, Agents, AirDrop, Alias, alternative data stream, AoL, APIPA, APM, App Store, appfirewall.log, Apple, Apple Certified Associate, Apple Certified Associate - Mac Integration 10.8, Apple Certified Support Professional, Apple Certified Support Professional (ACSP) 10.8, Apple Certified Technical Coordinator (ACTC), Apple Certified Technical Coordinator (ACTC) 10.8, Apple Filing Protocol, Apple Hardware Test, Apple ID, Apple Mac OS X, Apple menu, Apple online mail Setup Assistant, Apple Partition Map, Apple Remote Desktop, Apple Rmeote Desktop, AppleFileServer, AppleScript, AppleVNCServer, application, Application Resource Troubleshooting, Application Sandboxing, Application Support, Application Troubleshooting, Applications, ARD, ARDagent, ARP, assistive technologies, Associate certification for Mac Integration, audio conferencing, authentication, authorize, auto discover, Auto Resume, Auto Save, Automatic Resume, automatic updates, Automator, backlight, backup, Backups.backupdb, backwards compatible, bidirectional, binary encoded, Bluetooth, Bluetooth PAN, BlueTooth Preferences, Bluetooth shairng, Bonjour, Boot Camp, boot rom version, boot.efi, bootd, booter, bootpd, browser, BSSID, Build, bundles, cable, cabling, CalDAV, Calendars, Calendears, camera, Carbon, CardDAV, central software update server, certificate, Certificate assistant, certificates, certification, certify, chmod, chown, CIDR, CIFS, Cisco IPSec, Classic Compatibility environment, Classless Inter Domain Routing, Classless InterDomain Routing, CLI, client-server architecture, Cocoa, code signed, collaboration services, command, Command Line Interface, Commands, Common Unix Printing System, configuration, Configuration Profile, Connect To Server, Connection Doctor, Console, Contacts, Core Audio framework, corrupt, corruption, CPU, Cross Platform, CrytpoCard, CUPS, customization, Daemons, daisy-chained, dark-wake, dark-wakes, dark-waking, darkwake, darkwakes, Dashboard, data management, deactivate, delete, desktop, Device driver, DFS, DHCP, DHCP services, diagnose, diagnostic, digital camera, digital display, Directory, Directory utility, disconnect, Discoverable mode, disk images, Disk Utility, display, DisplayPort, Distributed File Service, DNS, DNS services, Dock, Document management, Document Versions, documents, Domain Naming System, downloads, drag-and-drop installation, Driver, Drop Box, dscacheutil -flushcache, Dual-Link DVI, duplex, Duplicate, DVD or CD sharing, DVI, dynamic disk repartition, dynamic disk repartitioning, Dynamic Host Configuration Protocol, Dynamic memory, Dynamic service discovery, e-mail, effective permissions, EFI, eject, Encrypted IMAP, Encrypted POP, Encrypted SMTP, encryption, Ethernet, Everyone, EWS, Exam, Exchange, Exchange Web Services, Execute, execute disable, ExFAT, expansion buses, export, ExpressCard 34, Extended File Allocation Table, eXtensible Messaging and Presence Protocol, Extensions, Facebook, FAT, FAT32, Fibre Channel, File Allocation Table, file archives, File Quarantine, file server, File shairng, File share, File Sharing, file sharing protocols, File Sharing services, file system, File System shortcuts, file systems, fileserver, FileVault, FileVault 2, FileVault2, Find My iPhone, Find My Mac, Finder, Finger, Firewall, Firewire, firmware, Firmware Password Utility, flash disk, flash drive, Flash Storage, flickr, font, Fonts, force quit, forked file system, forward lookup, Framework plug-in, Framworks, Free Berkely Software Distribution, FreeBSD, fsck, FTP, FTPS, full disk encryption, full restore, Gatekeeper, Gbit, Get Info, Gigabit, Gmail, Go, Gopher, GPRS/3G, GPT, group, guest, guest user, gui, GUID, hard link, hardware, HDMI, hex, HID, hidden files, hidden folders, hidden items, home folder, Host Sharing Services, HP Jetdirect, HTTP, HTTPS, hub, Human Input Device, iChat, iCloud, iCloud iMessage, iClpid integration, IEEE-1394, IM, iMac, Image Capture App, Image Capture Framework, IMAP, iMessage, import, incorrect, index rebuild, Info, Inspector, installation method, installation package, InstallESD.dmg, Instant Messaging, internet, Internet Printing Protocol, Internet protocol, iOS, IP, IP address, iPad, iPhone, iPod, IPP, IPsec, IPv4, IPv6, iTunes, Jabber, Java applications, Java preferences, Java SE 6, Java SE 7, Journaled, Kerberos, kernel, Kernel Extension, kernel_task, KEXT, Keyboard, keychain, Keychains, Keynote, killall -HUP mDNSResponder, L2TP, L2TP over IPsec, LaunchAgents, launchd, LaunchDaemons, Launchpad, LDAP, Legacy AFP, Legacy Applications, Legacy FileVault, library, Library Randomization, Line Printer Daemon, link-local, listening key, local snapshot, location services, lock, lock screen, Login Keychain, login message, loginwindow, logout, Logs, Lookup, LPD, mac, MAC address, Mac App Store, Mac App Store and identified developers, Mac Integration Basics 10.8, Mac Integration Basics 10.8 Exam, Mac mini, Mac OS Extended, Mac OS X, Mac OS X 10.8 Mountain Lion, Mac Pro, MacBook, MacBook Air, MacBook Pro, machine authentication, mail, malware, managed user, manual restore, MAPI, Master Boot Record, Master Password, MAx OS Extended (Journaled), Maximum Transmission Unit, MBR, MCS, MDM, memory, Messages, Messages Screen Sharing, Messaging services, metadata, Microsoft Exchange, Migration Assistant, mobile device management, modifier keys, Modulation and Coding Scheme, mount, Mountain Lion, Mouse, mouse keys, Movies, MS DOS, MTU, Music, named, NAT, natd, Native OS X applications, Netbios, NetBoot, Netstat, network, Network Address Translation, network configuration, Network Diagnostics, Network File System, Network folder, network servcies, Network Service, network service account settings, Network Utility, NFS, NIS, No Access, notes, notifications, Numbers, NVRAM, octet, Open Directory, Open in Low Resolution, Open Systems Interconnection Reference model, OpenType, Oracle, Organizationally unique identifier, OS X, OS X 10.8, OS X 10.8 Mountain Lion, OS X internet recovery, OS X Launch Services, OS X Mountain Lion, OS X Recovery, OS X Server, OSI, OSI model, OUI, Outline fonts, Owner, packages, Pages, pair, parental controls, paring, partitioning, Password, password hint, passwords, PCI Express, PCIe, PDF, PDF tools, peer-to-peer, per-user authentication, peripheral buses, peripherals, Permissions, Personal Firewall, Photo Stream, PHY, Pictures, PID, Ping, plist, Point-to-Point Protocol over Ethernet, Point-to-Point Tunneling Protocol, policy banner, POP, port, Port Scan, Portable Document Format, ports, POSIX, POST, PostScript, PostScript Printer Description, Power Nap, Power On Self Test, PowerNap, PowerPC, PPD, PPoE, PPTP, preference file, PreferencePanes, Preferences, Preview, print, Print & Scan, print job, printer queue, Printer Sharing, printer spool, Printing, privacy, Process Features, Process ID, Process Security, Process Types, profile, Profile Manager, profiles, property list, Protected memory, protocols, Proxy, public, Quick Look, QuickTime, raid, Read, Read & Write, Read Only, Real Mem, Received Signal Strength Indication, reconnect, recovery, Recovery Disk Assistant, Recovery Key, referral, Remote Apple Events, Remote Disc, Remote Login, Remote Management, Reset permissions, resetpassword, restore, restore DVD, Retina, Retina display, Reverse lookup, Root, Root user, Rosetta, RSA SecurID, RSSI, RTSP, S-Video, Safari, safe boot, safe downloads list, Safe Sleep, sandbox, Sandboxing, SATA, Scanner sharing, Screen Sharing, SCSI, Secure Empty Trash, secure erase, Secure FTP, secure memory, security, Security & Privacy, self-assigned, Serial ATA, Serial Attached SCSI, Serial Number, Server Message Block, Services For Macintosh, Setup Assistant, SFM, SFTP, Shared, shared secret, sharing only user, shortcuts, Shutdown, side-by-side, Sidebar, Single Sign On, single user mode, Sites, sleep mode, Small Computer System Interface, SMB, smbd, SMTP, Socks, speakable items, speed, spoken commands, spool, Spotlight, Spotlight index, spotlight plug-ins, spotlight search, srm, SSD, SSH, SSH daemon, SSH File Transfer Protocol, sshd, SSO, standard user, Startup Items, startup keyboard shortcut, startup keyboard shortcuts, startup shortcuts, StartupItems, StdExclusions.plist, Stealth, Stealth mode, sticky keys, storage, storage buses, sudo, summary, Symbolic link, Symmetric multiprocessing, system, System Administrator, System information, system kernel, system launchd, System Memory, System Preferences, System Profiler, System resources, System Screen Sharing, System Security, System Security Settings, system sleep, system startup, SystemStarter, target disk mode, TCP, TCP/IP, Terminal, TextEdit, Thunderbolt, Time Capsule wireless base station, Time Machine, Time Machine local snapshot, TOSLINK, Traceroute, trackpad, Trash, troubleshooting, Troubleshooting Utility, TrueType, Twitter, UDP, UEFI, UFS, Universal Serial Bus, Universally Unique ID, UNIX, UNIX BSD, UNIX commands, Unix File System, UNIX permissions, unmount, update, updating applications, USB, USB cellular, user, user account, user account information, User authentication, User Datagram Protocol, user launchd, users, Users & Groups, UUID, vector fonts, verbose logging, Verbose mode, verification, VGA, video conferencing, vimeo, virtual interface, Virtual Private Network, VMware Fusion, VNC, VoiceOver, VPN, VPN on demand, web site, WebDAB, website, WEP, What's Keeping Me, Whois, wi-fi, Wi-Fi Diagnostics, Wide-Area Bonjour, Widget, Widgets, Windows, Windows Server, Windows Server 2008, WINS, WKM, workflow, WPA, WPA Enterprise, WPA2, WPA2 Enterprise, Write, Write Only, XML, XMPP, XProtect.plist, Xserve, Yahoo, Zero Configuration Networking, Zeroconf, zip, zoom
Last sunday I warned about a major vulnerability in Java.
It wasn’t expected that Java would come have an update available this quickly, but it is good that they did. So be sure to update to Java 7 Update 11 : http://java.com
Like this:
Like Loading...
Tags: Apple, chrome, Cisco, firefox, Google, google chrome, IE, Internet Explorer, Intrusion Prevention System, IPS, IPS signature, Java, Microsoft, Microsoft IE, Microsoft Internet Explorer, Mozilla, mozilla firefox, MS IE, Oracle, OS X, plug-in, plug-ins, plugin, plugins, security, security issue, Signature, US-CERT, vulnerability, Windows, Windows 7, Windows 8, Windows Server 2003, Windows Server 2008, Windows Server 2008R2, Windows Server 2012, Windows Vista, Windows XP
[EDIT 14-01-2013]
Oracle release Java 7 Update 11 to fix this security issue. Be sure to update: http://java.com/
[EDIT]
Normally when I read about security vulnerabilities, I don’t really get a sense of urgency.
With the current Java vulnerability however, I do feel like people have to act quick because there are so many respected companies and even countries actively taking action:
Apparently this vulnerability is actively being exploited already and Oracle hasn’t released a Java fix yet. You might want to consider a combination of the options below:
Personally I like the way FireFox is handling the issue because it blocks by default, but allows users to easily override this behavior for specific sites. Also I’m getting quite fed up with all these Java security vulnerabilities lately 😦
I’d like to know what you’ll be doing. Have you or are you going to disable Java ? Which methods will you use ? Why ?
Like this:
Like Loading...
Tags: Apple, chrome, Cisco, firefox, Google, google chrome, IE, Internet Explorer, Intrusion Prevention System, IPS, IPS signature, Java, Microsoft, Microsoft IE, Microsoft Internet Explorer, Mozilla, mozilla firefox, MS IE, Oracle, OS X, plug-in, plug-ins, plugin, plugins, security, security issue, Signature, US-CERT, vulnerability, Windows, Windows 7, Windows 8, Windows Server 2003, Windows Server 2008, Windows Server 2008R2, Windows Server 2012, Windows Vista, Windows XP
Last week I got a beta exam invite for exam “70-688 Managing and Maintaining Windows 8” (in beta it is 71-688). As with most beta exams lately, you only have max two weeks to prepare and there are no books available yet that you can use to study. Therefore I start with looking at what skills are being measured and if there are preparation guides available. From there on I start looking for relevant learning resources for each subject and adding them to the skills that are being measured for easy future reference.
I hope it is useful for you as well.
Read the rest of this entry »
Like this:
Like Loading...
Tags: 070-688, 071-688, 70-688, 71-688, ACT, Action center, AEM, Agentless Exception Monitoring, App-V, App-V 5.0, application compatibility toolkit, application reputation, Application Virtualization, Applocker, asset, asset inventory, authentication, Azure, backup, bcdboot, bcdedit, Beta, biometrics, BitLocker, BranchCache, certificate, client hype-rv, CMAK, computer inventory report, ConfMgr, ConfMgr 2012, ConfMgr2012, Connection Manager, Connection Manager Administration Kit, DaRT, DaRT 8, DCA, DEM, deployment strategy, Desktop Error Monitoring, Diagnostic and Recovery Toolkit, DirectAccess, DirectAccess Connectivity Assistant, disk image, disk image backup, DISM, DNSSEC, domain, EAS, EFS, EHD, Encrypted Hard Drive, Encrypting File System, Endpoint Protection, Exam, Exchange Active Sync, Exchange Activesync, file history, find and fix problems with devices, Firewall, folder redirection, group policy, hardware, hardware and devices troubleshooter, high-touch, Hyper-V, image, IPv4, IPv6, Learning, learning resource, learning resources, lite-touch, Live Mesh, live service, live services, LiveMesh, local account, Managing and Maintaining Windows 8, MBAM, MDOP, MDOP 2011 R2, metered network, metering, metro application, microsoft account, Microsoft Application Virtualization, Microsoft Azure, Microsoft Bitlocker Administration and Monitoring, Microsoft Desktop Optimization Pack, migrate, migration, mobile, mobile device, mobile device management, multifactor authentication, name resolution, native boot, Near Field Communication, network, network metering, NFC, off-network, Office 365, Office 365 Desktop Setup, offline files, Packaged App, PC refresh, PC reset, picture password, Powershell, PowerShell Remoting, prep guide, preparation, preparation guide, prepare, print management, printer, rdp, RDS, Recimg, Recimg.exe, recovery drive, recovery media, remote access, remote desktop protocol, Remote Desktop Services, Remote Server Administration Tools, RemoteApp, removable storage devices, report, roaming profiles, roaming user profiles, RSAT, SCCM 2012, SCCM2012, Secure SIM, security, shim, sideload, sideloader, Skydrive, Skydrive Pro, smart card, Software Restriction Policies, SRP, Storage Spaces, study, Sync center, System Center, System Center 2012, System Center 2012 Endpoint Protection, System Center 2012 Endpoint Protection client, System Center Configuration Manager, System Center Configuration Manager 2012, System Center Desktop Error Monitoring, System Center Endpoint Protection, system restore, trust, trust relationship, Trusted PC, two-factor authentication, UE-V, upgrade, upgrade path, User Experience Virtualization, user state migration tool, usmt, VDI, vhd, Virtual Desktop Infrastructure, virtual hard disk, virtualization, VPN, wet, Windows, Windows 7 file recovery, Windows 8, windows 8 application, Windows 8 FIle History, Windows 8 Image, Windows 8 PC refresh, Windows 8 PC reset, windows 8 upgrade path, Windows Azure, Windows Defender, windows easy transfer, Windows Firewall, Windows Intune, Windows Recovery Environment, Windows store, Windows To Go, Windows Update, wireless, workgroup, WRE, WSUS, zero-touch
Context
If you’re anything like me, you’ve created your fair share of user names and passwords over the years and it is likely that many more will be added in the future as well. To complicate things even more, you are probably using multiple different user names and passwords because of different requirements. Possible reasons:
- Username (because your desired username might not meet the requirements or might already be in use. Or because your -email is used as your username)
- Minimum number of characters.
- Maximum number of characters.
- (Specific) special characters required.
- (Specific) special characters not allowed.
- x number of upper case characters
- x number of lower case characters
- x number of digits.
- x number of special characters.
- Password needs to be changed every x days.
Because of the large number of accounts (I have about 200-300 accounts) it is impossible to remember them all. Even though it might be tempting to use (a couple of) the same username and password combinations for logging on, this is not recommended because it is a security risk. When one of the places where you use a specific user/password combination is compromised, all other places where you use this same combination are at risk too. In this post I will try to describe some challenges and what you can do about it.
Read the rest of this entry »
Like this:
Like Loading...
Tags: account, authentication, backup, best practice, best practices, certificate, Dropbox, encryption, Google Drive, keepass, keepass password manager, key, key file, keyfile, license, licenses, management, Microsoft Skydrive, mult-factor, mult-factor authentication, multifactor, multifactor authentication, Password, password generator, Password management, password manager, password recovery, secure, security, serial, serials, Skydrive, synchronization, user account, user name, username
blog.bjornhouben.com 