What Are You Doing Right Now

siringo

@JaredBusch said in What Are You Doing Right Now:

@Dashrender said in What Are You Doing Right Now:

I thought there was a "store password with reversable hash" option in AD? Granted, you should never user it.

The password is never stored. Simply the hash is easily reversible into the password.

So to dumb this down for me, when I type my password in, what I type gets hashed and if the stored hash matches my recently typed in hash, then I get access.

So it's the hash algorithm that is the important part and not the password. Is that correct?

scottalanmiller

@siringo said in What Are You Doing Right Now:

So it's the hash algorithm that is the important part and not the password. Is that correct?

Correct. The local machine sends a hash to the AD server to see if the hashes match. If the hashes match, it knows that you are who you say that you are.

JaredBusch

@siringo said in What Are You Doing Right Now:

Is that correct?

And additionally, the hash is normally not reversible. That bit of this was simply in response to what @Dashrender posted.

scottalanmiller

@siringo said in What Are You Doing Right Now:

So to dumb this down for me, when I type my password in, what I type gets hashed and if the stored hash matches my recently typed in hash, then I get access.

Right. All of the actual work and security is done on the client. All the AD DC does is say "yup, that is the hash that I have on record" or "nope, that doesn't match what I have."

JaredBusch

@scottalanmiller said in What Are You Doing Right Now:

@siringo said in What Are You Doing Right Now:

So to dumb this down for me, when I type my password in, what I type gets hashed and if the stored hash matches my recently typed in hash, then I get access.

Right. All of the actual work and security is done on the client. All the AD DC does is say "yup, that is the hash that I have on record" or "nope, that doesn't match what I have."

This is how all good applications function with passwords. The only thing ever stored is a hash.

scottalanmiller

@JaredBusch said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

@siringo said in What Are You Doing Right Now:

So to dumb this down for me, when I type my password in, what I type gets hashed and if the stored hash matches my recently typed in hash, then I get access.

Right. All of the actual work and security is done on the client. All the AD DC does is say "yup, that is the hash that I have on record" or "nope, that doesn't match what I have."

This is how all good applications function with passwords. The only thing ever stored is a hash.

Right, nothing unique or special here. Really just working in the obvious way. Passing passwords around the network would be a security disaster for sure.

black3dynamite

So how does that work with cached credentials?

siringo

@scottalanmiller said in What Are You Doing Right Now:

@JaredBusch said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

@siringo said in What Are You Doing Right Now:

So to dumb this down for me, when I type my password in, what I type gets hashed and if the stored hash matches my recently typed in hash, then I get access.

Right. All of the actual work and security is done on the client. All the AD DC does is say "yup, that is the hash that I have on record" or "nope, that doesn't match what I have."

This is how all good applications function with passwords. The only thing ever stored is a hash.

Right, nothing unique or special here. Really just working in the obvious way. Passing passwords around the network would be a security disaster for sure.

thanks for the info guys, it's little bits and pieces like this that get forgotten or never learnt that help fill in gaps here and there.

scottalanmiller

@black3dynamite said in What Are You Doing Right Now:

So how does that work with cached credentials?

Cached never get sent on. It's the same as a local password check.

coliver

@Obsolesce said in What Are You Doing Right Now:

@coliver Do you think this is a good recipe to follow:
https://www.thespruceeats.com/fastnacht-doughnut-recipe-427747

That's pretty much the recipe my great-grandmother left us, what little German we could translate....

The end result....I made way to many.

RojoLoco

Making a rough mix of some demo recordings. Sounding good and punchy already. And yes, that is Windows 7.

siringo

@RojoLoco said in What Are You Doing Right Now:

Making a rough mix of some demo recordings. Sounding good and punchy already. And yes, that is Windows 7.

Win7, I'd expect nothing less from a muso

scottalanmiller

Hanging out with the kids.

hobbit666

Got into work today, still loads of water about but just drive carefully and its fine.

hobbit666

Keep hearing about the "Threat" Huawei is, but where is the evidence? See a lot of articles and posts but no proof.
I'm more concerned about what Facebook, Google etc are tracking and "listening" to.

jmoore

@hobbit666 There is no proof because if there was you would hear about it nonstop. Even if they are caught doing something , to me, its no worse than what Samsung, apple, and Microsoft, and Google already do. I'll go ahead and say I'm partial to them just so you know. The reason why is that I used Apple and Samsung devices for years but nothing ever last a year hardly without being dropped or anything. I think I had one Samsung last a year and 2 months for the longest. After that they just quit working right or not at all. Maybe I've had bad luck or an anomaly, I don't know. All I know is that my 2 Huawei phones have been the best devices I ever used. I have a Mate 9 and 10 and never a single issue with either. The mate 9 is my work phone and I use all day every day. I can't tell a speed difference and it came with 64 gb storage so still have plenty of room 3 years later. Even after dropping and partly cracking the screen I cant tell a difference in how it works. My Mate 10 has a similar story except it hasnt been dropped and has 128 gb storage.

jmoore

Doing updates today, building by building. Using powershell to do it.

hobbit666

@jmoore Yeah i love all my Huawei phones, i have a P20 Pro and the kids have the Lite.
I've always been a fan and don't think i'll change (unless they stop selling phones ).

As you said imo if they are doing something everyone else most probably doing the same

Dashrender

@jmoore I had horrible luck with Android until my Nexus 6P, that was pretty decent, When it was about 1 year old, I received my first iPhone (iphone 6), which I used until given an iphone 7, which I paid for a replacement with an iphone 11 in January.

I've had really good luck with all apple phones. My wife has been rather happy with her Samsung phones since the S6. I don't know which one she has now.

jmoore

@hobbit666 Yeah I just got their smartwatch too. Its the GT. I love it. Just a small computer on your wrist. I was hesitant for a long time but finally I thought what the heck and tried it. I really like this thing. It has like 10 different watch faces you can choose from with different information on them so you can choose what you care about. It has a lot of built in software I havent even explored all of it. The other night I was cooking rice and needed a timer so remembered it had one and when I opened it it had presets for 1, 2, 5, 10, 15, 20, and 30 min. I chose one and off I went. Dont have to listen for the timer anymore because it just vibrates on my wrist now. I guess what I'm saying is everything they just seems well thought out.