• 0 Posts
  • 10 Comments
Joined 1 year ago
cake
Cake day: June 21st, 2023

help-circle




  • Im sure people do see these ads, and its definitely starting to go a bit far, but I cannot for the life of me figure out how. Ive never seen anything like this using multiple personal and work windows machines for ~10+ hours a day, every day.

    Work makes sense, I believe its a couple of GPOs, but even at home when I boot a fresh image I tick like 3 boxes and just never see any ads.

    The only situation I can think of is prebuilt machines and laptops with preloaded configurations that people dont bother to change, but even then im pretty sure 5 minutes in settings will sort it out.



  • Depends on the use case. Cloudflare tunnels are great for accessing services, but not your network. I have a dockerised vscode instance behind a cloudflare tunnel attached to a personal domain that uses white listed emails as authorisation. Fantastic set up, can access my coding environment from anywhere with an internet connection as long as I can click the verification link in my emails.

    To access my network itself though, wireguard is better. I just use pivpn (coupled with pihole for on the go adblock) on a rpi.


  • Best practice in 2023 is a simple, sufficiently long but memorable passphrase. Excessive requirements mean users just create weak passwords with patterns.
    [Capital letter]basic word(number){special character}

    Enforcing password changes doesnt help either. It just creates further patterns. The vast majority of compromised credentials are used immediately or within a short time frame anyway. Changing the password 2 months later isnt going to help and passwords like July2023!, which are common, are weak to begin with.

    A non expiring, long, easily remembered passphase like
    forgetting-spaghetti-toad-box
    Is much more secure than a short password with enforced complexity requirements.