Time
3 hours 35 minutes
Difficulty
Intermediate
CEU/CPE
4

Video Transcription

00:00
and in this video I will give you an example offsetting going those hilo authentication eso I'm going toe to show you how to change signing options in Windows 10 and two. House set How to set the dynamic clock in Windows 10. So
00:16
ah, let's go directly to
00:21
changing signing options So you simply go toe windows
00:26
settings screen
00:29
like this one, and then you click on the Count's
00:34
and their nuclear consigning options,
00:37
and you get the way it's usually managed. So my system is now set up
00:42
to be opened with the eso. I'm signing in with my password,
00:49
and
00:51
if you're using your PC at home,
00:54
your password is okay.
00:56
But if you using your business, your piece in your business and your logging to domain, you have, ah, slight problem because then your password these kept in them
01:06
in in the password hash on your server, and it can be recon reengineered, reverse engineered from that hash. So this is not a really good thing.
01:18
Eso what What we have is in possibilities to use pin,
01:23
and if we choose to use pin,
01:26
then there is no communication between your PC and the and the server. So here you don't see this because I'm I'm at home and I don't have my domain at home.
01:38
But what PIN does is actually goes to your TPM and actually unlocks the communication between your PC and the main server. And then, uh, private key public key session is established and the public keys exchanged with server.
01:57
And then it's decrypted. So
01:59
there is no actual password being kept anywhere except on your PC and on your PC. What you actually have it is just the encrypted version of European in your TPM, so it's pretty much safe on your PC.
02:15
You can also decide to use fingerprint,
02:17
which is something that it's not possible because on my PC at the moment, I don't have a fingerprint reader.
02:25
Oh, are you can use ah, when those hello phase, which is basically a facial recognition. And as I said, I don't recommend it. It's OK if you are having the clear appearance every day,
02:39
but some things are simply
02:43
that they can confuse the windows. Hello. It can takes a lot of time sometimes, so if you're going to and from your P seal too many times
02:53
per hour, and then you will have a problem because
02:58
you will wait a couple of seconds every time.
03:01
Uh, okay, if you have very fast, BC might not.
03:05
And then the other options are to use security key,
03:08
which is a physical security key like key card. But it's usually USB, so it's it's okay to have it, but it can be a problem because
03:22
you might want to. Your your administrator might want to. Disabled Usage of USB ports Picks on your Example notebook. For security reasons,
03:31
you can, of course, have password, and you can also use the option toe. Find the favorite picture from the certain folder on your PC and use it as a as a way to authenticate the problem with this. Is that
03:46
what happens if you delete the picture and so on and so on? So now
03:53
we'll set up in here because it's simple. It's going to be simple Pin just for the demonstration. I don't recommend that opinions shorter than 12 or 15 characters, although it's no longer something that can be reverse engineer from the hash.
04:08
So it first asked me to put on my current password,
04:15
and then I'm going to type in.
04:17
Then you
04:18
pin and it can be just numbers of can be letters and symbols as well.
04:27
And then I will say OK,
04:32
and now my devices set up to be unlocked with a pin.
04:36
The next thing you can use toe. Additionally, protect your PC when you're
04:43
wherever you are
04:45
is to use this. Um,
04:47
if you have your phone paired or blue to with them with your PC and here we have it.
04:56
Andi, I've used deception.
04:59
Ah, then if I
05:01
get away from my PC with my phone
05:05
distance, that is enough to break the Bluetooth connection.
05:12
My PC will lock, and I'll let me demonstrate that to you by just switching off the
05:23
Bluetooth on my phone.
05:28
So now itself, let's reaches
05:33
and my B C has looked.
05:40
So now I will have to type in my pin. What you see is blank screen because I'm working on a secondary display.
05:47
But now it's unlocked, and now
05:51
it's again connecting to the pair device.
05:56
So this is how it works. And this is something that is ah, really nice thing to have, because if you then
06:03
oh, if you just were summer and you just walk away from your PC to get them out automatically Locked people usually take their phone wherever they go. So this is a
06:15
rather full proof method.
06:19
Okay, so in this demonstration, you have learned about the multi factor dedication and dynamic lock and windows 10.
06:28
And in the next video, I will be talking about anti malware protection.

Up Next

Intermediate PC Security

The Intermediate PC Security course will teach students about endpoint protection. Students will learn fundamental information about PC Security and common attack vectors.

Instructed By

Instructor Profile Image
Milan Cetic
IT Security Consultant
Instructor