17 December 18, 16:39
Quote:Recently a group of researchers described a scenario wherein password recovery questions were used to break into Windows 10 PCs. This has led to some suggesting disabling the feature. But you don’t need to do this if you’re a home computer user.Full reading: https://www.howtogeek.com/398389/no-you-...indows-10/
So, What’s Going on Here?
As Ars Technica first reported, Windows 10 has added the option to set password recovery questions on local accounts in the past year. Security researchers delved into this and discovered that on a business network this could lead to potential vulnerability.
Right off the bat, you can spot two important points there:
There’s also a third point that’s even more important. All of this requires the malicious actor first to gain administrator-level access on the network. From there, they could then identify machines connected to the network that still have local accounts and then add security questions to those accounts.
- First, the entire scenario relies on computers joined to a domain network—the kind you’d find on a business network with managed computers.
- Second, the vulnerability applies to local accounts. That’s particularly interesting because if your PC is part of a domain, you’re almost certainly using a centralized domain user account and not a local account. And security questions are not allowed on domain accounts by default.