Tuesday, May 12, 2015
Tech Tip Tuesday – Microsoft Local Administrator Password Security (LAPS)
When an attacker compromises any workstation, the local administrator password hash can be obtained and used to access every other workstation using the classic Active Directory exploit Pass-the-Hash (PtH). Fortunately Microsoft now has a solution to protect local administrator accounts from reuse. Labeled LAPS (Local Administrator Password Solution), a compromised local admin account cannot be used to as a launch point for other malicious activity by an adversary. http://www.praetorian.com/blog/microsofts-local-administrator-password-solution-laps If you have a Tech Tip you want to share, send them to firstname.lastname@example.org and we'll get them out next #TechTipTuesday.