• dblsaiko@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    56
    arrow-down
    1
    ·
    24 hours ago

    Their stated reasoning here sounds bullshit and I’m sure the actual reason is a technical one, where they’re trying to retrofit the MS accounts login system to a protocol that wasn’t designed for it and for some reason are refusing to extend the RDP protocol to support the new auth mechanism. SMB network shares probably have the same issue I’d assume.

    I’m sure AD domains don’t have this problem since it uses Kerberos, otherwise this would have been a problem already decades ago.

    Using the password for a public account for local login is a disaster anyway, they should have done it like Apple and kept the local login password separate from the MS account login. I have never used a MS account for local login but it sounds to me like it just leads to people using insecure passwords for publicly reachable accounts because they don’t want to type a long password every time logging into their computer.

    • adrian@50501.chat
      link
      fedilink
      English
      arrow-up
      20
      ·
      23 hours ago

      I have never used a MS account for local login but it sounds to me like it just leads to people using insecure passwords for publicly reachable accounts because they don’t want to type a long password every time logging into their computer.

      I guess that’s what the PIN feature is for, even though you’re Personal Identification Number can have letters…

      • dblsaiko@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        6
        ·
        23 hours ago

        Oh, so that’s what that’s for. I’ve seen it before but never got the reason for it, but combined with this it makes sense. The name is very unfortunate though.

        Now, the question is, will the cached RDP password update when you log in with the PIN :)

        • TheRealKuni@midwest.social
          link
          fedilink
          English
          arrow-up
          3
          ·
          9 hours ago

          The real reason for PIN login is so you can login quickly with just the numpad, even if you have to edit the registry on your work laptop to enable it. /cough