E2: of course that’s not why I told her. I explained how fastboot sometimes takes over and doesn’t actually restart the device, only “refreshes” the experience. I recommended she restart at least once a week. We’ll see what happens.
windows doesnt actually shut down, its some kind of hybrid hibernation now. it only really reboots if you actually reboot. so they may actually be “shutting down” every day.
They have successfully circumvented the reboot. I just always turn that setting off. SSDs are ubiquitous, nobody needs a fake shutdown. It just causes more issues.
Idk how that person’s IT works, but in mine, that would probably warrant a lot of paperwork. The techs would have to pitch the change to client management, client management would have to pitch it to change management and provide test results to show it has no side effects, then deal with the techs complaining about the uptick in tickets about slow boot times or people justifying never shutting down or restarting with it taking so long to boot.
Not that they’re actually slow, our users are just super entitled. I got to observe the rollout of automatic screen lock for security reasons, and the ensuing pushback. The audacity of having to reenter your password if you’ve spent more than ten minutes doing nothing!
Security even managed to push for reducing it to five minutes after some unfortunate incident… but it got reverted for reasons you can probably guess. Hint: shit always flows downward.
I recommend looking into Windows hello for business to reduce the usage of passwords in the first place. It’s so much nicer to use your fingerprint, face, or even a PIN.
I would never consider fingerprints or face scans to be secure even for personal devices. I guess if theres literally nothing to protect, if thats possible.
I do understand the point that the biometrics are replacing very short pins usually, oftentimes 4 digits only but I dont quite see how that makes the passcodes worse than the biometrics.
I’d say even a 6 digit passcode with a randomized number pad, alongside an emergency wipe pin, would do better than biometrics, which also need to have a passcode setup as backup anyhow.
Maybe you could play out a few scenarios that illustrate your point?
Why exactly do you think biometrics are so terrible? Is it because you could theoretically access someone’s computer when they are sleeping or something?
As far as I’m aware that is not the consensus in the industry. I even need biometric (in combination with a card and a pin) to enter a specific datacenter.
I do think that bringing up specialised and uncommon hardware like randomised number pads is out of scope. Are you talking about highly sensitive and restricted systems? I’m talking about normal user computers.
“Ok let me check on something”
Uptime: 156 hours
"let’s restart using what I like to call, ‘the right way’ "
“I restart every day before going home”
Uptime: 19:23:07:24
Yeah… Logging off isn’t restarting…
(Brought to you by my actual day today)
E: correct autocorrect
E2: of course that’s not why I told her. I explained how fastboot sometimes takes over and doesn’t actually restart the device, only “refreshes” the experience. I recommended she restart at least once a week. We’ll see what happens.
windows doesnt actually shut down, its some kind of hybrid hibernation now. it only really reboots if you actually reboot. so they may actually be “shutting down” every day.
They have successfully circumvented the reboot. I just always turn that setting off. SSDs are ubiquitous, nobody needs a fake shutdown. It just causes more issues.
If you are internal IT you (or someone at least) should disable fastboot though GPOs
Idk how that person’s IT works, but in mine, that would probably warrant a lot of paperwork. The techs would have to pitch the change to client management, client management would have to pitch it to change management and provide test results to show it has no side effects, then deal with the techs complaining about the uptick in tickets about slow boot times or people justifying never shutting down or restarting with it taking so long to boot.
Not that they’re actually slow, our users are just super entitled. I got to observe the rollout of automatic screen lock for security reasons, and the ensuing pushback. The audacity of having to reenter your password if you’ve spent more than ten minutes doing nothing!
Security even managed to push for reducing it to five minutes after some unfortunate incident… but it got reverted for reasons you can probably guess. Hint: shit always flows downward.
I recommend looking into Windows hello for business to reduce the usage of passwords in the first place. It’s so much nicer to use your fingerprint, face, or even a PIN.
You can recommend all you want, the decision is far removed from me
I would never consider fingerprints or face scans to be secure even for personal devices. I guess if theres literally nothing to protect, if thats possible.
Passwords can in most scenarios be considered to be even less secure.
Remember that you aren’t replacing 64 character passwords with fingerprints. You are replacing 8 character shit passwords with fingerprints.
Also pretty much everyone in IT security agrees that passwordless is the way to go.
Passwords REALLY fucking sucks for so many reasons.
I do understand the point that the biometrics are replacing very short pins usually, oftentimes 4 digits only but I dont quite see how that makes the passcodes worse than the biometrics.
I’d say even a 6 digit passcode with a randomized number pad, alongside an emergency wipe pin, would do better than biometrics, which also need to have a passcode setup as backup anyhow.
Maybe you could play out a few scenarios that illustrate your point?
Why exactly do you think biometrics are so terrible? Is it because you could theoretically access someone’s computer when they are sleeping or something?
As far as I’m aware that is not the consensus in the industry. I even need biometric (in combination with a card and a pin) to enter a specific datacenter.
I do think that bringing up specialised and uncommon hardware like randomised number pads is out of scope. Are you talking about highly sensitive and restricted systems? I’m talking about normal user computers.
Our company policy is not to disable it. I tried getting it approved a year or so ago : /