I have a local account "xyz" defined on multiple computers in my workgroup. The password is all lowercase, but fairly robust.
I want to add a new Windows 8.1 computer that I plan to upgrade to Windows 10 Pro. My Microsoft account is "xyz#mydomain.com". This account's password is not currently the same as that of the local accounts.
I understand that Windows 10 will automatically create a local alias for "xyz".
It would seem that updating the password of the Microsoft account to match the local accounts would allow the new computer to integrate seamlessly.
However, when I enter the lower case password, the Microsoft Account "Change your password" page displays the error message "Please choose a password with mix of lower and upper case letters, special characters, numbers and symbols".
Is there any way to get the Microsoft nanny to allow me to enter the password I want? If not, I'll have to update the password on each computer, and on any applications on each computer that cares about those credentials. Some of these are offline at the moment, so I'll probably forget (until access fails).
Yeah, I know the answer is going to be 'No', but I just wanted to vent.
No, but if you set it up as a local account instead of a microsoft account then you can. Some people don't realize you can still have local only accounts in 8, 8.1, 10. Though if you have to use the microsoft account for various reasons then like you said the answer is no.
Related
I'm a developer, and not in Sales.
I signed up for a free developer account, which has access to mock data:
Username: my.name#company.com
Email: my.name#company.com
I'll call this the "dev account"
Later I wanted to access to our company's actual customers, just to look around. Our admin gave me a different, regular login (she said it complained when she tried to use my existing email). That account is:
Username: othername#company.com
Email: my.name#company.com
I'll call this the "user account"
You'll notice the username is different, though the email comes to the same place.
I've been working with the dummy data that comes with the developer account. Now I'd like to access some of our real data via the REST API. It's not clear how I'd do that, and I don't want to blindly experiment and get into some type of weird state.
When I'm logged in as the "user account", and then access the developer website, it wants me to create another developer account. I'm not sure that's right. Also, the "Email" field would be the same as both my current "user account" and "developer account".
So how do I go from being a regular user to a developer against my company's actual data? Ideas I had:
Somehow link my existing "dev account" with my "user account" ? Not sure if I'd do this, or if it's something our admin would need to do?
Or maybe create a second developer account, having already been logged in as my "user account", and it will somehow magically associate them? It says "Select a unique username", but I already have 2 (old dev account, and new user account). I don't want to experiment and make things worse.
Some other way to do this?
Can I even create another developer account with the same email? Won't it complain?
I did do some google searches, but somehow I'm not hitting the right keywords. This seems like a basic thing that many folks would have to do at some point.
An aside: It's odd that it wants my zip code. Not sure if that's my home or work zip, and what if the office or my address changes? (actually likely) Most online services don't care about that...
You don't mention how you're accessing your data from the developer account, but somewhere you are authenticating (either via OAuth,or via a soap login call) simply change this to provide your user account credentials and you should be good to go.
You don't need to have a matching account on the developer website to make API calls, or link your developer & user accounts.
One of our customers uses IBM's Security Access Manager (ISAM) for Enterprise Single Sign-On (ESSO), which uses a piece of software on the client called AccessAgent. From what I understand it's basically a glorified password manager.
This customer uses the software to autofill the username/password prompts on our web site so that they can log in; however, the software also tries to do this on the "Reset Password" page which comes up in the event that the software has a different password stored than what the user actually has. When users hit the reset page, AccessAgent automatically redirects them to the home page for some reason.
The first thing I tried was renaming the field from "username" to something non-semantic in hopes of throwing the software off. This worked for a few months but it has apparently 'learned' again that "hey, people put their e-mail address in here, I'll try to log them in!".
Past efforts to train individual users to turn off the software have not worked, and we continue to get a lot of "your password reset page doesn't work" tech support requests.
My question is this: Does anyone have any experience with this software, and is there a way to disable it for my password reset page? Either via HTTP header or tag or something?
Is there a way to retrieve the current user's information (i.e. login/password) so that it may be used to automatically fill in forms during the install?
I do not know where to start my searching.
I would agree with the answer to a similar question I found here:
"Windows will never, ever give you the user's password. You will have to
prompt the user to give it to you."
If this were possible, it would present inherent security problems. Consider what else a program could do if it could obtain my account credentials programmatically just because I am running the program.
If you just want the user name though, it looks you can get that with the LogonUser built-in variable. There is a list of built-in variables here if you are interested in what else is available.
I'm in the process of creating a traditional desktop application, and I'd like to enable the user to protect the application with a password.
I was wondering what people tend to do in terms of helping the user if they can't remember the password? I don't want them to be locked out of the app entirely because of it.
If I were creating a web app, this wouldn't be an issue as a system could be put in place where an email is sent to them containing their password (after they answer a mother's maiden name type question)
I don't believe this is an option with a desktop app. The person who the end user may not want to access the application would likely know the mother's maiden name or have access to the end user's email account simply by opening Outlook.
I've searched Stack Overflow and Googled but no joy.
I assume there must be a common process used for such situations but I'm buggered if I can find it.
Or will my end user just have to suffer the consequences of their forgetfulness?
Thanks in advance.
How about just allowing a password hint, like Windows does?
P.S. You should never email a password, maybe just a one-use password or a link to reset the password.
For those who are not aware, Lotus Notes is a cool system, which has very powerful database replication abilities, and very strong certificate management and signing.
However that strong certificate usage is itself one of Notes's downfalls.
When you log in to Lotus Notes via a Notes client, the password you use is not stored anywhere, except as the encrypt/decrypt key to the Private Key stored in the Notes ID file on your local workstation.
What this means is that you can have 15 copies of this file, with 15 different passwords, and each one is valid, as long as you have the matching password.
For Identity Management systems, this is pretty crippling, as there is no server side component to access the password change event, rather it is entirely client based, and the server can barely even tell it happened!
The rumours I hear is that in later releases of Lotus Notes/Domino, this ID file based authentication is starting to change.
I am having trouble finding clear cut explanations for what is changing, how, and in what version. (8.5? 9? Later?)
Second part to this question is, what is happening in terms of Active Directory integration? I heard it rumoured that AD authentication might be allowed instead of ID file authentication. My guess on that aspect is that the ID file stored on the server will still be used for authorization, but the successful Active Directory authentication will be used to unlock access to it? Or is it some other model?
Looking for someones perspective who has figured this out already!
On a side note, there is a second password (httpPassword) that is used when Notes's Webmail is accessed, since of course the server has no access to the local ID file when the user authenticates. One assumes this is the model they would move to for other forms of authentication, but as we all know, assuming is a bad plan!
Notes Domino 8.5 has the new ID Vault feature. It was released in early January.
ID Vault works by keeping a copy of the id securely on the server. It then provisions the id on demand to the user. This allows for a configuration where the user asks the server to reset the password and the server makes the change to the id file before downloading it the the user.
More info on ID Vault here:
A New Way to Manage Notes User IDs and Passwords (dominoblog.com)
Sneak peak - the Domino 8.5 id vault (pmooney.net)
Updated: 8.5 has been released.