Thread 509164414

what can you realistically do now?

July 2025: You won't be able to use the autofill password function.
August 2025: You'll no longer be able to use saved passwords.

https://support.microsoft.com/en-us/account-billing/changes-to-microsoft-authenticator-autofill-09fd75df-dc04-4477-9619-811510805ab6

Microsoft Authenticator houses your passwords and lets you sign into all of your Microsoft accounts using a PIN, facial recognition such as Windows Hello, or other biometric data, like a fingerprint. Authenticator can be used in other ways, such as verifying you're logging in if you forgot your password, or using two-factor authentication as an extra layer of security for your Microsoft accounts.
In June, Microsoft stopped letting users add new passwords to Authenticator, but its gonna get progressively worse now.

You need to log in with your:
>eye scan
>finger scan
>facial scan

>>509164414 (OP)
You save passwords? I don't.

>>509164414 (OP)
I use Bitwarden

>>509164414 (OP)
>using anything that needs passwords on widnows

>>509164414 (OP)
for me it's keepass

>>509164414 (OP)
My work made us download this as 2 factor authentication for our accounts but don't think I've ever used it past the first day

>>509164414 (OP)
>leave PC unattended for 30 seconds
>hacker comes in
>opens chrome.exe
>everything is literally authenticated already with 4 hour timeouts

bros this is not about making your account more secure

>>509164916
#1 tech chad ITT
>>509164627
#2

>>509164414 (OP)
i dont use a password for windows, its worthless and any attacker can circumvent it with ease. even every amateur can enter "circumvent windows login" into a searchprogram. better use full disk encryption (not the one from windows where LEO has the backup-keys) and have an off-site backup in case your house gets raided / bombed / arsoned

for webbrowser i just save passwords in firefox, deleted the poor chrome-imitation windows comes with "edge" or whatever

everything else is saved in good old plaintext .txt on my desktop (not kidding)

as for "non-important" computers - why would you use a password at all? to prevent your 11 year old to use it?

>eye scan
>finger scan
>facial scan

just some datagrab from NSA & Co, wont do this

>>509164615
sure, its comfy and saves me typing it in every time. only the initial bootup-password has to be entered. everything else is automated as it should be

>>509164414 (OP)
I never needed a Microsoft Account.

>>509164414 (OP)
If you know how to self host services in docker, you could use vaultwarden - I haven’t done it yet, but probably will eventually. Only thing sketchy is you gotta have RAID or mirroring and offsite backups, if it’s all your important passwords, because you’re SOL if a drive fails or the server fails.

>>509165550
this

Wtf happened to floppy disks

>>509164414 (OP)
True chads like me use an encrypted password file that I manage with a simple bash script on my Linux PC. I'm also trans

>>509164414 (OP)
I don't even know what that globohomo shit is it's for broccoli girls

>>509165540
Yah but you don't give two shits about security so your opinion is irrelevant in this thread of discussion.

>>509165550
Do you think it stops at Microsoft if it goes over "well"? What happens if your job requires you to have an account somewhere and it does the same? Meanwhile the App will only be for Android or iOS of this version or above, ensuring you have the latest device. This will all be for your own security or something lol.

Just remember them

>>509165022
I heard the claim that passwords fall under protected speech and or 5th amendment. But if there is no password, your shit is just sitting on someone elses computer and they can be compelled to give it to police without you complying.

>>509164414 (OP)
Good, fuck jeets trying to spam entry into your account

>>509164414 (OP)
you will NOT remember passwords

>>509164414 (OP)
Haven't run into this problem.
I use Mint, by the way.

>>509164927
I need to use it like every 3 months. I have an entire company phone for literally 2 authenticators. Also fk company phones I always lose them every 2-3 years.

>>509164414 (OP)
Yep, they are now forcing PINs on everything. Google is doing the same. They want total data control over everything you do.

>>509164414 (OP)
>Using a Microshaft app for your Macroshit Wangblows niggernet passwords

I save my passwords in a text file.
Because none of them are memorable. They're all random character strings for security.

>>509164414 (OP)
>what can you realistically do now?

Pen, paper, and single-character offset cypher?
You guys know you can use dye from a stick to make marks on thin tree-slices, right?

Not telling, just saying.

>>509164414 (OP)
>You need to log in with your:
>>eye scan
>>finger scan
>>facial scan

When that's a requirement to use, Linux is the answer. Everyday gets closer..

>>509166075
YOU LINUX FAGS ARE ONLY REASON WHY NOBODY USES LINUX

>>509164414 (OP)
>You'll no longer be able to use saved passwords.
It's not licenced by Microsoft you fucking moron. Just use another app. The algorithm behind is the same. Fucking idiot.

>>509164414 (OP)
>what can you realistically do now?
Not log in to shit that doesn't let me. Not my problem
>>509165887
My job already has my full doxx, I'll use my work device to log in if needed, big whoop.

>>509164615
I use the same password I used for past 20 years and it was leaked 3 times already on darknet

>>509164414 (OP)
compubros, isn't a "PIN" also a password?

>>509167601
I use the same password for my company account as I use fir porn sites. If my company gets hacked that just means bonus free time from work.

>>509164414 (OP)
https://www.youtube.com/watch?v=bpTFknnGwD0

https://www.youtube.com/watch?v=GFv7niaYvmM

>>509164414 (OP)

they started subsidizing the MFA market about 2 years ago by selling MFA tokens for $1 per month when competition like DUO was $20 a month. It's clear they are trying to take over a significant enough chunk of the MFA market so they can then force an ID system through it.

SteamOS is almost here.

>>509164414 (OP)
Use keepassxc and stop being a nigger dumbass imagine using microsoft products holy shit

grok i have 5 minutes left to live,how do i succ my own peepee

>>509167601
I'm just laughing at you having to live in a pod with the latest updoots on all the pod devices and accepting it like a slug

>>509169331
Not my devices not my problem. Why would I care? It's literally stuff I do representing my employer, not myself.
And this is yurop so if my employer should, for some reason, demand me to do anything illegal, it'd be pretty easy to sue their ass, and they can't fire me. Or worst case scenario just leave lol.

>>509164414 (OP)
Passwords are retarded. Forced 2FA is far more secure. You need a physical device to access your accounts.

>>509164615
My password is literally Ahhhhhhhh for any website that lets me

>>509168110
Also, you will no longer be able to log into your Microsoft account on anything BUT windows 10.

>>509165022
>Some nigger in China runs an algorithm to guess your passwords.
>3+ months of attempted sign in notifications
>Enable 2FA
>Guesses your password, doesn't have your authenticator
>Tough shit chinigger

>>509165022
If this shit happens he already has more than enough control, 2fa won't do shit if you login from one device, they can clone your session retard, Microsoft is a jeetium company that's why they have no clue

>>509164414 (OP)
I don't trust auto fill because if someone steals your device they have access to every account.
Also I manually log out of services and websites when I'm done then wipe the history.
Security should be implemented in many layers and is more important than convenience.

>>509166681
Stop eating liquid jeetslop poo and switch to Linux or MacOS you poor cunt

>>509167879
Same, half of me thinks the password security shit is all overblown unless you’re an idiot entering personal information into unknown sites or answering spam emails and phone calls

>>509164927
Same

>>509169931
This shit doesn't work because to get a security certification every service needs to have a ratelimit on wrong password attempts per IP. Even if they have 10000 IPs they would need to try billions of passwords to get yours.

>>509169809
>You need a physical device to access your accounts.

Stripe and Chip on our laminates, every machine in the building has a chip-reader, even the copiers.

"Immediate Access" is what the company called it. Kek.
They think it is great, as do I.
PicRel.

You gotta change your passwords at least every quarter. It sucks but it has to be done because jeets.

Stop using tech completely

>>509170078
>macOS
somehow you are even more retarded than linuxfags

>>509164414 (OP)
use literally any other app?

>>509164414 (OP)
>company that can't even deprecate NTLM telling me about being passwordless
Pot, meet kettle.

>>509165550
never had a job that used sharepoint or exchange?

I've been using passkeys and I want to use them all the time

>>509170316
Cant. Its the 21st century.

>>509164414 (OP)
When do we get the penis scan option?

>>509170707
>When do we get the penis scan option?

When the HR Karens start going to the gym and having salads for lunch

Until then, hands off.

>>509170442
>https://support.microsoft.com/en-us/account-billing/changes-to-microsoft-authenticator-autofill-09fd75df-dc04-4477-9619-811510805ab6


This is only for mobile though right?

We have a salesteam that is older than dirt and i dont know how theyd handle this.

Accessing our sharepoint and exchange wont be an issue on PC right? That's what im reading at least.

Kinda glad to see this news instead of being unable to prepare for it. Love /pol/ so much.

I dont understand the need of a password manager. I get it if you are a financial/logistic company that manages thousands of personal accounts daily, but on a personal level, all you need to do is to create a txt file and write with your passwords in it, zip it, and lock it with a relatively complex code on it. That code you can either memorize it, or write it down in a cryptic way only you can solve. Have that encrypted zip filev stored in a usb your phone(and in a 3rd device as a back up) and use it every time you need to log in somewhere

I use leenoox

>>509170224
Yeah but in this case it's biometric authentication from your phone. Small price to pay to know you don't have to change your passwords every 3 months.

>>509170106
It's *mostly* people who fall for phishing scams or download malware, but the other side is sites or services getting hacked and having user data like username/email/password combinations exposed.

I've got about a dozen different username/semi-strong password combos I use so I can memorize them all and don't have to have them recorded or saved anywhere, but the downside is I've got to check services like haveibeenpwned every month or so to make sure none of the sites I have accounts on have been breached. I had one of my combos exposed in a breach last year and had to resecure a bunch of accounts.

It sucks that this is the state of things now. Twenty-five years ago I had one email and password for everything and I never got a single spam link or phishing email. Now I'm just constantly anxious about cyber security shit.

>>509170209
That doesn't stop them from trying. I used to get emails where some retard using a VPN from Taiwan was trying to access my email and one day I got a text at 3 am that he succeeded somehow but he didn't have my authenticator

>>509169931
Not how it works.
On windows you always have a password, even if you don't see it or have access to it. Most these auth apps that's ping your phone and shit just use some API to place themselves as an auth provider, similar to OpenSSH for windows.

>>509170862
>every time you need to log in somewhere
That's the main issue. People nowadays have so many accounts on so many sites and services that they use on a daily or weekly basis and it's too much of a time sink to be decrypting and re-encrypting files every time you want to sign in to one.

>>509170984
It's outlook. Microsoft does their own authentication. It's a combination biometric scanner and password less login where you need access to your phone

Looks like SIM swap attacks will be on the rise. Better call your carrier and have them lock your phone sim and require some type of pin/pass to access your mobile phone account.

2FA/MFA is gay as fuck and totally unneeded for local accounts. But the nigger faggot trannies running the tech companies want to push globohomo.

>>509170853
MFA is still going to work, they're just dropping password support for other apps.

Also, MFA isn't bulletproof and I've seen hackers get around it. Just dealt with it today.

>>509164414 (OP)
Stop using windows you faaaaaaaags

>>509171072
>2FA/MFA is gay as fuck and totally unneeded for local accounts

Do you think they're using this for local accounts?

>>509164414 (OP)
>try to push a yubico subscription on the company to avoid having to use this pile of shit
>company refuses, forces us to install this on our own phones
>IT now has access to all authentication attempts with location data

they are using the fact that most companies that use windows are fucking cheap bastards, if you are told by your company to install this, ask for a yubikey instead and say your phone is too out of date (there is an OS requirement in order for azure to actually trust the device as an authenticator, if your phone is too far out of date it can't be trusted by the platform)

>>509171100
not everyone wants to perform 6 steps in troonix to install a browser and then get random kernel boot failures once a month

NEVER use a microsoft or google product to keep anything important to you. These two companies (especially google) are prone to discontinue products on a whim, with very short notice and with no provision to allow users to migrate whatever they had it saved there to a new platform.

>>509171055
It still has a password in some ldap server somewhere. That's how winauth works.

>>509165856
you did not read my post did you?

>>509171124
Sorry it’s been a long day. I was trying to imply that if we all got to keep local accounts and didn’t have this gay online bullshit from microshit then this MFA “fix” wouldn’t even be necessary.

>>509170870
>it's biometric authentication from your phone.

Unless you have a cable hanging from every machine it's just as stupid. If you can capture the exchange you have all you need.

>>509166580
Yah pretty much. Jeets are fucking up the system so bad with the direction of neurotic Maldivians that Linux is becoming the only viable solution to this problem.

>>509171124
Yes and you'll need your COVID-19 pass to sign in.

>>509170707
after next years penis inspection day
we call it "Penisinspektionstag" here

>>509171429
I mean you can manage a local mail server but how do you think email works? what good is email that has no connection to the outside world? or cloud hosted/shared files? Or virtual workspaces?

>>509164414 (OP)
>you won't be able to use the autofill password function.
Yes you will. Kill yourself you fucking retard.

>>509164414 (OP)
>using anything microsoft except a barebones unupdated and feature-stripped OS
Keep a locally stored winauth file, and a sticky note with random text on the back side stuck to your desk or the back of the monitor just to fuck with people.

>>509165974
You're halfway there, and I'm surprised this comment doesn't have more attention.

You cannot be compelled by a court to give up a passphrase or even an unlock pattern because, being information of the mind, it is protected by the 5th amendment right against self incrimination. Your fingerprints, DNA, iris scans, passwords stored on hardware or written on paper, etc etc are only protected partially by the 4th amendment, given that it's information of the physical nature and a judge can compell you to give those up.

Don't be a retard, memorize your passwords using the memory palace technique.

>>509164414 (OP)
>what can you realistically do now?
stop supporting microsoft

>>509164615
>>509164414 (OP)
Xbox has been defaulting to "enter a pin we send to your email"

You can tell the entire company is ran by jeets that think this email verification shit is the gold standard

Thank God I quit gaymen many years ago
They can lock me out, I'll never use another one of their services in my life

Microsucks can eat my ass

>>509164414 (OP)
okay how the fuck do Authenticators work pls no bulli im legally a retard

you get an app and give it a code and what it has your secret numbers that get updated every 2.5 seconds somehow and this is a trustworthy platform why?

>>509165974
Correct. Biometrics can be warranted, but password reveals can't be forced because of the 5th amendment and 1st.

>>509166124
They can subpoena another company to unlock your shit. And barring that, if the "password" is biometric, they can just scan you and unlock it.
They realized theyr were never gonna crack 1024bit encryption using passcodes, so they will get you to use your fingerprint which is easy to acquire.

>>509167941
No. It's a code. There's no word.

>>509164414 (OP)
My passwords are secure and they're all different. This is a security "feature" to accommodate retards. My password system worked just fucking fine and I never get locked out of my shit, fuck you microsoft.

>>509169811
Damn bro jannies can see your IP address, also people can see your address by getting you to click links and hackers exist that can somehow see it otherwise.
Not smart to do this even anonymously

>>509164414 (OP)
time to stop using kikerosoft.

>>509164414 (OP)
Losing basic functions because they're retarded Indian army can't copy and paste while man code .it is just funny

>>509164615
The password of my pc is Microsoftisshit

>>509164414 (OP)
I use my own encryption algorithm and figure out my passwords for each site independently based on the site name I am logging into.
Took a bit to learn it but I can figure it out on the fly so I never have to remember passwords.
I just figure them out based on my own encryption algorithm in my head.

>>509164414 (OP)
You guys actually use auto fill for passwords? So basically an attacker only needs to gain access to your device (one password) and then they have access to all your shit?

>>509164414 (OP)
Don’t use microshit products retard

>>509165974
>I heard the claim that passwords fall under protected speech and or 5th amendment. But if there is no password, your shit is just sitting on someone elses computer and they can be compelled to give it to police without you complying
>>509171835
>You're halfway there, and I'm surprised this comment doesn't have more attention.
>You cannot be compelled by a court to give up a passphrase or even an unlock pattern because, being information of the mind, it is protected by the 5th amendment right against self incrimination. Your fingerprints, DNA, iris scans, passwords stored on hardware or written on paper, etc etc are only protected partially by the 4th amendment, given that it's information of the physical nature and a judge can compell you to give those up.
>Don't be a retard, memorize your passwords using the memory palace technique
interesting but mostly funny

>>509164414 (OP)
>You need to log in with your:
>>eye scan
>>finger scan
>>facial scan

Butthole scan when?

I still don't get why passwords are bad.

Browsers should be hashing client side to map user passwords into good passwords. Browsers should also do this automatically so logins are completely invisible after locally authenticating on the browser. But i guess that's not nearly as important as moving the settings menu to the other side of the screen or whatever.

>>509175485
The teledildonics community is growing every day.

>>509176218
They're not, it's just the jews want to mark every goy with his very own palantir beast chip/mark 666 ID in their planned new kike ZOG NWO system

>>509175124
i would be fine with this. but the though of them not washing their hands and more than likley not being able to subtract the drink from the price makes me not want to patronize. Also my local bks are money laundering dumpsters. everything is always out of stock and if you settle on what ever slop they might have on offer, they just ignore you long enough at the pay window till you leave.

>>509175138
my main password is Nigger1

>>509164927
Same, to access my work emails from home. Now I just don't access them

>>509169931
They just get ranjeet or Hernandez at your phone company to give them your simcard then they just log in with 2fa or password recovery

>>509164414 (OP)
Passwords are completely portable. Code generators are cryptographic algorithms that require complicated computers to run.
>>509167879
That's really dumb. At least use a password manager like keepass and 2fa.

>>509176218
They're pushing biometrics and facial recognition for every online login.

>>509170862
Because everyone all the time is getting hacked, so they can see your email and password from one hack, then apply it to your bank or email and log in if you use the same password and don't have 2fa enabled.

>>509170887
Anon you can subscribe your email to haveibeenpwnd. Also keep paper backups of your passwords.

>>509164414 (OP)
why do kikes want our biometric data so bad

>>509165974
Yup. All corporations turn over anything they ask for. Businesses are NOT allowed to operate without a backdoor. Lavabit email shut down in 2013 because they refused to comply with a secret blanket warrant.

Now that everything has secret blanket warrants, palantir can target people for gangstalking.

>>509170078
Macos is worse than windows.

Cards, tokens, etc are great for business security where it's better to lose access temporarily than let the chinks in. But I have to answer 2fa challenges to pay my water bill, it's fucking stupid. God forbid I want to read my garbage gmail inbox from a public library without having my cellphone with me.

>>509164414 (OP)
Google stores all my passwords so who gives a fuck. MSFT is just some jeet outlet at this point.

>>509164615
Me either I just write them down.
Saving them to Edge or any online service is just asking for someone working at the corporation to sell them.
>muh encryption
Doesn't matter when the Pajeet managing the server needs to renew all his onlyfans subs.

>>509177291
Anon Google is going to leak that shit online. Use an offline password manager. Online ones defeat the whole purpose.

>>509177120
Google lifelog

>>509164414 (OP)
>Ms account
Lol
Lmao

>>509177519
>Anon Google is going to leak that shit online. Use an offline password manager. Online ones defeat the whole purpose.
I don't care too much. Anything that involves money or a way to reset a password that involves money requires an authenticator. I could give a shit if google leaks my litte ceasars password.

>>509177780
maybe one day youll have a real job

>>509164414 (OP)
ah yes, they need your phone numbers and phone data via their app now too folks.

It boggles the mind why people dont just use Linux Mint.

>>509178016
>Doesn't separate private and professional life
Maybe one day you'll also be able to realize work data belongs to whoever's paying for it.

>>509164414 (OP)
Only pejeets and boomers use Windows

>>509164414 (OP)
switch to linux

>>509169809
>Forced 2FA is far more secure
>the access point that lead to the fappening

>>509178263
yeah no shit, thats why you back it up - if you wanna get shit done, you need to use modern tools, but hey im sure the booming tech industry in portugal is making great contributions

>>509164414 (OP)
Musk should give us an alternative to Windows

>>509165022
That’s basically what happened to Ross Ulbricht the founder of the Silk Road kek

Microsoft account?

>>509178442
>Fucking nigger
Don't like how your boss runs his company, start your own (you can't, obviously), then tell us how long till you'd fire whining bitches like yourself.

>>509164414 (OP)
>>eye scan
>>finger scan
>>facial scan
All things the authorities can just do against your will.

>>509179560
I'm self employed, socialist retard. I do tech consulting and guess what? Most people need email that works! And they use servers with active directory and shit like VPNs! You're tech illiterate and you have no fucking idea what you're talking about.

>>509165022
>dont leave unlocked pc unattended
problem solved, im a security wizard boys

>>509165682
I still use them

>>509179692
>Lmao nigger thinks "email that works" is some sort of uberleet thing only muh bigcorpo can provide n shiet....
You deserve it.
Kys.

>>509179692
But there's more:
>Nigger thinks bigcorp that can steal his fingerprint can't steal his password
Fucking niggers....

>>509171045
How many of those sites are important? I use the same password for 99% of things and have for 20 years because it doesn't matter. The only things of mine that use a real password are my bank account, my actual e-mail account, and my retirement account. If it's not that it gets "dansuck5".

>>509164414 (OP)
Linux is so easy these days even a beginner would be able to install arch linux

>>509171835
>memory palace technique.
https://www.youtube.com/watch?v=jR0vRuZkxdw

>>509165022
>Doesn't lock the computer(/phone/etc.) before leaving it

>>509170442
I work in HR and never even heard of these things lol

>>509164627
#3

>>509165264
Why is keepass better?

>>509164414 (OP)
>He doesn't write down his passwords in a notepad

>>509164414 (OP)
bullshit you can use passkeys

>>509164414 (OP)
After they round you up for your internet crimes it will be easy to unlock anything with your face, finger, eyes. Probably don't need to be awake or alive.

>>509164414 (OP)
password authentication is the best life insurance policy
If you use biometrics, all a thief needs is your face or hand. If you use passwords, they need to extract it from your brain.

>>509165797
Based chud Chad tranny

>>509177579
>lifelog
what the fuck how is this legal