000 - Kaizala und Passwortangriff

In unserer Pilotfolge diskutieren wir erst über den Sinn und Zweck von Kaizala im Office 365 Umfeld. Im zweiten Teil geht es dann um Passwortangriffe und wie man sich im Microsoft 365 verteidigen kann. # Show Notes Kaizala * https://products.office.com/en/business/microsoft-kaizala * "Microsoft Kaizala is a phone-number based, simple, and secure mobile chat app that enables you to connect and coordinate work across your network – your organization, vendors, partners, suppliers, and customers." Kaizala Web Preview * https://docs.microsoft.com/en-us/office365/kaizala/use-the-web-app?redirectSourcePath=%252farticle%252fuse-the-kaizala-web-app-cd0fa9fc-e4af-4c6e-a9a2-b6a4ad34d1fa Guter Blog zum Thema von REgarding365 * https://regarding365.com/another-messaging-app-in-office-365-kaizala-24ce3a12c7f9 Smart Lockout * Locks out attacker while letting users continue to access * Default: 10 attempts, 1 minute (with increasing duration) * Tracks last 3 bad password hashes (will not cause lockout) * Each DC tracks own lockout independently * Uses familiar location vs unfamiliar location to help differentiate between genuine user and hacker Banned Passwords * MS banned passwords * Custom banned passwords * Character substitutions