Techly NewsGet the app

Get the latest tech news

Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.


Researchers say the behavior amounts to a persistent backdoor.

From the department of head scratches comes this counterintuitive news: Microsoft says it has no plans to change a remote login protocol in Windows that allows people to log in to machines using passwords that have been revoked. Wade and another expert in Windows security said that the little-known behavior could prove costly in scenarios where a Microsoft or Azure account has been compromised, for instance when the passwords for them have been publicly leaked. Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords.

Get the Android app

Or read this on ArsTechnica

Read more on:

Photo of Microsoft

Microsoft

Photo of Windows RDP

Windows RDP

Photo of revoked passwords

revoked passwords

Related news:

News photo

Microsoft engineer reveals more details about Janet Jackson Rhythm Nation song that used to mysteriously crash Windows XP PCs

News photo

Microsoft CEO Says Up To 30% of the Company's Code Was Written by AI

News photo

Microsoft Vows Legal Fight Against US To Protect European Cloud Customers

« Breaking the ‘intellectual bottleneck’: How AI is computing the previously uncomputable in healthcare
Universal all-optical logic gate reaches 240 GHz at room temperature »