Passwordless

Simplifying SSH Key Management setup with PowerShell

Craig Wilson
Simplifying SSH Key Management setup with PowerShell Introduction Managing SSH keys effectively is crucial for maintaining secure and efficient access to remote systems. This blog post introduces a PowerShell script designed to configure an SSH-Agent on Windows 11 with keys. I use this method when I first build a new Windows 11. Using SSH-Agent allows me to use forwarding agent requests and allows for using Yubikey certificates acorss an RDP session.

AzureAD Passwordless Sign in - Part 1

Craig Wilson
Microsoft is currently on a path to switch services to Passwordless logins, meaning we will at some point no longer require a password. This does not mean accounts will not be protected; accounts will be using tokens, Multi-Factor, authenticator apps to perform authentication. The Microsoft strategy is base on 4 steps; Develop password replacement offering Reduce the user-visible password surface area Transition into password-less deployment Eliminate password from identity directory Right now, we still see the continued development of the replacement for passwords and the reduction of locations where we need to enter password.

AzureAD Passwordless Sign in with FIDO - Part 2

Craig Wilson
FIDO keys provide you with a hardware-based authentication device. The keys can be used on a number of different sites as well. I use the keys to protect my AzureAD login, GitHub and a few other places as well. In this section, I will go over the process to enable AzureAD. In part 1, I went over methods for PasswordLess login and set up the Microsoft Authenticator App. AzureAD Passwordless Sign in with FIDO - Part 1

AzureAD Passwordless Sign in, forcing Windows 10 to login with FIDO only - Part 3

Craig Wilson
FIDO keys provide you with a hardware-based authentication device. The keys can be used on a number of different sites as well. I use the keys to protect my AzureAD login, GitHub and a few other places as well. In this section I will go over the configuration for locking down a Windows 10 device. I have already gone over the process to enable AzureAD in part 1 and 2.