Comment on Windows RDP lets you log in using revoked passwords. Microsoft is OK with that. - Ars Technica

<- View Parent
Gibibit@lemmy.world ⁨3⁩ ⁨days⁩ ago

That is addressed in the article

Even after users change their account password, however, it remains valid for RDP logins indefinitely. In some cases, [independent security researcher Daniel] Wade reported, multiple older passwords will work while newer ones won’t.

source
Sort:hotnewtop