Security

13

MAY

How to Prevent Untrusted Apps from Reading Your Browser Password on Windows

Although Microsoft Edge, Chrome, and Firefox store encrypted passwords in the user profile location, these can be easily decrypted by another program without requiring user authentication or approval. Consequently, an untrusted program, not flagged by Microsoft Defender or other security software, can easily access your passwords. Let's check out the simplest method to prevent this. …

Windows Security

10

MAY

Add X-Content-Type-Options Header to Resources in Azure Storage Account

By default, resources served from an Azure Storage Account do not include the X-Content-Type-Options header in their responses. This omission can pose a security risk. In this blog post, let's check out how can we solve this problem within a few steps without any code modifications. …

Security Azure

09

FEB

Get Clear Password from IIS App Pool

Sometimes, in order to get necessary permissions, we will assign domian accounts or local accounts for IIS app pool. For example, it usually happens for SharePoint deployment. However, this is not a secure way, because the password for these accounts are saved in clear text. For local accounts, the password is not readable. But if you are using domain accounts. The IIS Admin can read your …

IIS Security

Microsoft MVP for Azure

How to Prevent Untrusted Apps from Reading Your Browser Password on Windows

Add X-Content-Type-Options Header to Resources in Azure Storage Account

Get Clear Password from IIS App Pool