• 0 Posts
  • 5 Comments
Joined 8M ago
cake
Cake day: Mar 03, 2024

help-circle
rss

tl;dr: “Strike that, reverse it.”

They can bid all they want to put ads in front of me, I ain’t gonna see them. Of course, they probably know that, too.


While “Cisco Duo” is not listed here:

The following is a list of Cisco’s trademarks and registered trademarks in the United States and certain other countries. Please note, however, that this listing is not all-inclusive and the absence of any mark from this list does not mean that it is not a Cisco trademark.

Trademarks are exactly how rules for naming things works.


Expect this name to change when Cisco comes at them for being too close to Cisco Duo.


To address the “why”:

A user account, as defined by a username/password combination, can be used to access resources on the machine without logging in interactively on that machine. In a perfect world, you would only ever log in interactively on the machine using an account with restricted permissions, and when you needed to do “administraty” things, you would provide separate admin credentials at that time (sudo, runas, whatever your OS of choice supports).

Bonus question - what are the risks of having a weak password on a root user on a spare laptop on the same network as my main device that is used exclusively for web browsing?

If someone is able to compromise that root user on Machine A, then they may be able to leverage Machine A as a platform to attack any other devices on your network, or make Machine A into a zombie in their bot army to attack other targets anywhere, send spam, whatever malicious shenanigans they desire. (I know that’s pretty simplistic, there’s a whole lot of details left out, but that’s the gist of it.)

Also, nobody has yet mentioned the PIN option. I know that Windows machines (at least some of them, depending on configuration) allow you to configure a PIN for logon for local accounts. This PIN is only stored locally on the machine, and is not transmitted anywhere else. It’s basically a “shortcut” to the full password, and I think it can only be used for interactive logon.


Try different toothpastes. The very popular ones (Crest, Colgate) I find treacly sweet and disgusting, and I fucking hate mint anything. Arm and Hammer is my go to for that bland goodness. YMMV.