Have I Been Pwned Archives - darrenjrobinson - Bespoke Identity and Access Management Solutions

February 28, 2019November 10, 2020

Azure AD/Active Directory User Security Evaluation Reporter

<img width="640" height="645" src="https://i0.wp.com/blog.darrenjrobinson.com/wp-content/uploads/2019/02/User-Secure-Score-Risk-Profile-640px-1.png?resize=640%2C645&ssl=1" class="attachment-twentyseventeen-featured-image size-twentyseventeen-featured-image wp-post-image" alt="" decoding="async" srcset="https://i0.wp.com/blog.darrenjrobinson.com/wp-content/uploads/2019/02/User-Secure-Score-Risk-Profile-640px-1.png?w=640&ssl=1 640w, https://i0.wp.com/blog.darrenjrobinson.com/wp-content/uploads/2019/02/User-Secure-Score-Risk-Profile-640px-1.png?resize=150%2C150&ssl=1 150w, https://i0.wp.com/blog.darrenjrobinson.com/wp-content/uploads/2019/02/User-Secure-Score-Risk-Profile-640px-1.png?resize=298%2C300&ssl=1 298w, https://i0.wp.com/blog.darrenjrobinson.com/wp-content/uploads/2019/02/User-Secure-Score-Risk-Profile-640px-1.png?resize=100%2C100&ssl=1 100w" sizes="(max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px" />

During December 2018 – February 2019 Microsoft have run an online Microsoft Graph Security Hackathon on Devpost.

The criteria of the hackathon was;

Build or update a functioning Microsoft Graph-powered solution that leverages the Microsoft Graph Security API

Following the announcement of the Hackathon I was encouraged by Kloud management to enter. … keep reading

August 10, 2017August 13, 2020

UPDATED: Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager

Microsoft Identity Manager - Have I Been Pwned

<img width="640" height="121" src="https://i0.wp.com/blog.darrenjrobinson.com/wp-content/uploads/2018/02/HIBP-640px.png?resize=640%2C121&ssl=1" class="attachment-twentyseventeen-featured-image size-twentyseventeen-featured-image wp-post-image" alt="Microsoft Identity Manager - Have I Been Pwned" decoding="async" srcset="https://i0.wp.com/blog.darrenjrobinson.com/wp-content/uploads/2018/02/HIBP-640px.png?w=640&ssl=1 640w, https://i0.wp.com/blog.darrenjrobinson.com/wp-content/uploads/2018/02/HIBP-640px.png?resize=300%2C57&ssl=1 300w" sizes="(max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px" />

Earlier this week I posted this blog post that showed a working example of using a custom Pwned Password FIM/MIM Management Agent to flag a boolean attribute in the MIM Service to indicate whether a users password is in the pwned passwords dataset or not.… keep reading

August 8, 2017August 13, 2020

Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager

Pwned Password Identification with Microsoft Identity Manager

<img width="640" height="255" src="https://i0.wp.com/blog.darrenjrobinson.com/wp-content/uploads/2017/08/Pwned-Password-Overview-640px.png?resize=640%2C255&ssl=1" class="attachment-twentyseventeen-featured-image size-twentyseventeen-featured-image wp-post-image" alt="Pwned Password Identification with Microsoft Identity Manager" decoding="async" srcset="https://i0.wp.com/blog.darrenjrobinson.com/wp-content/uploads/2017/08/Pwned-Password-Overview-640px.png?w=640&ssl=1 640w, https://i0.wp.com/blog.darrenjrobinson.com/wp-content/uploads/2017/08/Pwned-Password-Overview-640px.png?resize=300%2C120&ssl=1 300w" sizes="(max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px" />

Update: An element of this solution details checking passwords online (using the Have I Been Pwned API). Troy explains succinctly in his blog-post announcing the pwned passwords list why this is a bad idea. If you are looking to implement the concept I detail in this post then WE STRONGLY recommend using a local copy of the pwned password list.… keep reading