Subject: Meeting the InCommon Assurance profile criteria using Active Directory
[AD-Assurance] RE: Tweet from Alex Simons (@Alex_A_Simons)
- From: Eric Goodman
- Cc: Eric Kool-Brown
- Date: Tue, 17 Jun 2014 16:10:54 +0000
Wow, really? The product manager advertises that they brute force (or otherwise) crack their stored AD hashed passwords? That’s kinda scary and crazy…
Thought folks might want to know that Alex Simons (AD Group Product Manager) tweeted the message below over the weekend. Given the message, I’m pretty sure this is about the AAD DirSync capability to sync passwords to AAD.
I’ve responded with this tweet:
@Alex_A_Simons MS's "decrypt the hash" is highly irregular. Crypto hash f(x)s *should* be 1 way. http://www.ntdsxtract.com/downloads/ActiveDirectoryOfflineHashDumpAndForensics.pdf
He probably won’t engage further, but maybe it’ll influence this area.
You might also tweet in response … ;)
- [AD-Assurance] RE: Tweet from Alex Simons (@Alex_A_Simons), Brian Arkills, 06/16/2014
- [AD-Assurance] RE: Tweet from Alex Simons (@Alex_A_Simons), Eric Goodman, 06/17/2014