-
ve2mrx
AskWoody PlusHow about the recent story about Intel CPUs that needed a microcode update to not go bad? This is a very good reason to keep BIOS updated IMHO!
Martin
1 user thanked author for this post.
-
ve2mrx
AskWoody PlusJuly 3, 2024 at 11:10 pm in reply to: 9000002 Blocking Copilot in Windows 10 and 11 Professional sku #2685376Hi,
Quick question: What is the source of the ADML and ADMX files? Any source link I could save?
Thanks,
Martin -
ve2mrx
AskWoody PlusMy choices:
Daily driver: 15″ ThinkPad P-series with appropriate dock, 27″ 2k monitor, and mouse. Unplug the two dock cables and off you go!Think Station Tower with dual 24″ monitor, keyboard and mouse for the virtual servers and occasional gaming. Plenty of storage, memory and CPU power for the VMs and a chonky GPU for CAD and gaming, both occasional.
Each purchased with a purpose in mind: Portable-ish laptop for on-the-go power computing, and a tower for fixed raw power. The Thunderbolt 3 dock makes the line blurry!
-
This reply was modified 1 year, 11 months ago by
ve2mrx. Reason: Clarified the meaning of a sentence
-
This reply was modified 1 year, 11 months ago by
-
ve2mrx
AskWoody PlusI use DHCP reservations in my router. DHCP hands out the IP I selected to the MAC address that asks for it for the devices where it matters. The others are assigned from the DHCP pool.
So, I don’t have to configure and maintain static IPs but I still have fixed addresses for servers, scanners and printers!
The best of both worlds!
Martin
1 user thanked author for this post.
-
ve2mrx
AskWoody PlusUltimately, every website must stop relying on username/password combinations, which are inherently weak, and move to multifactor authentication (MFA) using secure tokens.
Right, if the goal is to protect the account from other people. But in this scenario, the person abusing the account has the MFA credentials. I imagine that it isn’t that hard to distribute the codes to multiple machines when you have access to the token as would happen in a post farm…
The only solution would be to limit to 3 logins at once (computer, tablet, phone) when MFA is active. And don’t make it too annoying or people will reduce their use! (But not bots!)
My 0.02$
Martin
-
ve2mrx
AskWoody PlusExactly. And this app password cannot be used to take over the account, can be disabled by the account owner easily and is used only in the app it was installed in.
Think of it as a rights-limited delegated account access that is limited to fetching and sending emails. If your workflow can’t tolerate this level of security, don’t use app passwords and find something that is recent enough to use Oath/2! It’s been out for a while now!
The goal is to eliminate the use of full-access account credentials to log into email that can be stolen and used in account take-over. The app password generated prevents this and isn’t peppered all over the place (used by one known app), limiting who has access to it (hopefully used over TLS!).
Sure, it is less secure, but it isn’t as much at risk as your account management password…
Martin
-
ve2mrx
AskWoody PlusReading this, I can only picture a lonely server in a closet with a bunch of obsolete kit all over, lost somewhere in the basement of some building… Hopefully, it wasn’t walled-in!
Martin
-
ve2mrx
AskWoody PlusWhat annoys me the most is when you have an app that forces you to log in using your Microsoft account just so you have the extreme privilege of unticking the Start on boot checkbox!
Skype, I’m looking at you!
So I simply remove the autostart with the very useful tool Autoruns from Microsoft. Way more powerful than the in-box tools!
Martin
-
ve2mrx
AskWoody PlusI’m surprised nobody mentioned Yubikey yet…
I have two and I love their integration with websites. It allows you to enter the 2FA with a single touch of the key. Above all, they can store securely OTP keys and with the companion app (mobile/computers) you can generate 2FA codes. Since you keep the key with you, it is never stored on the phone or computer!
Martin
-
ve2mrx
AskWoody PlusThis is why they also push for “PINs”, as those are unique to the machine they are set on. Think of PINs as local machine passwords.
Martin
-
This reply was modified 2 years, 12 months ago by
ve2mrx. Reason: Clarified PINs
-
This reply was modified 2 years, 12 months ago by
-
ve2mrx
AskWoody PlusUsing a non-changeable “password”? Bad idea. Especially DNA, it’s spread everywhere! Every hair or dead skin cell you lose can compromise your access!
Martin
1 user thanked author for this post.
-
ve2mrx
AskWoody PlusIt took me some digging and reading before trusting HIBP with my passwords too! But I do now!
Martin
-
ve2mrx
AskWoody PlusFirst, I am against password-less logon like Microsoft is pushing. That would be removing one factor.
Second, I cheat at OTP activation by recording the otp:// url in my password manager. This way, I can activate more than one token for backup. As long as I don’t reuse passwords, keep my password manager safe and don’t lose my 2FA sources, someone at the other end of the world can’t log in.
Of course, I don’t use SMS 2FA for anything I care about… Oh, I use none of those online password managers! Only local ones (sync’d by encrypted file).
Martin
-
ve2mrx
AskWoody PlusI just wanted to add that there is a version called Lenovo Commercial Vantage for Lenovo business computers without the “fluff”. It is also manageable from Group Policy. Use it if your machine is supported!
Martin
1 user thanked author for this post.
-
ve2mrx
AskWoody PlusHi!
Lenovo Vantage is purposely delayed while the update team monitors the early deployment of updates. Updates are first published on the support website, then to Vantage database about two weeks later if everything looks fine. The idea is to only install good updates automatically.
Martin
2 users thanked author for this post.
![]() |
Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems. |
SIGN IN | Not a member? | REGISTER | PLUS MEMBERSHIP |

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Search Newsletters
Search Forums
View the Forum
Search for Topics
Recent Topics
-
Asking Again here (New User and Fast change only backups)
by
thymej
1 hour, 17 minutes ago -
How much I spent on the Mac mini
by
Will Fastie
2 hours, 1 minute ago -
How to get rid of Copilot in Microsoft 365
by
Lance Whitney
13 minutes ago -
Spring cleanup — 2025
by
Deanna McElveen
2 hours, 50 minutes ago -
Setting up Windows 11
by
Susan Bradley
33 minutes ago -
VLC Introduces Cutting-Edge AI Subtitling and Translation Capabilities
by
Alex5723
8 minutes ago -
Powershell version?
by
CWBillow
5 hours, 16 minutes ago -
SendTom Toys
by
CWBillow
9 hours, 34 minutes ago -
Add shortcut to taskbar?
by
CWBillow
3 hours, 6 minutes ago -
Sycophancy in GPT-4o: What happened
by
Alex5723
19 hours, 28 minutes ago -
How can I install Skype on Windows 7?
by
Help
18 hours, 11 minutes ago -
Logitech MK850 Keyboard issues
by
Rush2112
1 hour, 6 minutes ago -
We live in a simulation
by
Alex5723
1 day, 9 hours ago -
Netplwiz not working
by
RetiredGeek
20 hours, 11 minutes ago -
Windows 11 24H2 is broadly available
by
Alex5723
1 day, 22 hours ago -
Microsoft is killing Authenticator
by
Alex5723
9 hours, 40 minutes ago -
Downloads folder location
by
CWBillow
2 days, 4 hours ago -
Remove a User from Login screen
by
CWBillow
1 day ago -
TikTok fined €530 million for sending European user data to China
by
Nibbled To Death By Ducks
1 day, 19 hours ago -
Microsoft Speech Recognition Service Error Code 1002
by
stanhutchings
1 day, 19 hours ago -
Is it a bug or is it expected?
by
Susan Bradley
2 days ago -
Image for Windows TBwinRE image not enough space on target location
by
bobolink
1 day, 18 hours ago -
Start menu jump lists for some apps might not work as expected on Windows 10
by
Susan Bradley
18 hours, 14 minutes ago -
Malicious Go Modules disk-wiping malware
by
Alex5723
2 days, 8 hours ago -
Multiple Partitions?
by
CWBillow
2 days, 9 hours ago -
World Passkey Day 2025
by
Alex5723
5 hours, 17 minutes ago -
Add serial device in Windows 11
by
Theodore Dawson
3 days, 17 hours ago -
Windows 11 users reportedly losing data due forced BitLocker encryption
by
Alex5723
1 day, 18 hours ago -
Cached credentials is not a new bug
by
Susan Bradley
3 days, 22 hours ago -
Win11 24H4 Slow!
by
Bob Bible
3 days, 22 hours ago
Recent blog posts
Key Links
Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.
Mastodon profile for DefConPatch
Mastodon profile for AskWoody
Home • About • FAQ • Posts & Privacy • Forums • My Account
Register • Free Newsletter • Plus Membership • Gift Certificates • MS-DEFCON Alerts
Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.