From c9ac8c5d4e6b30858af03ed8a42a078027713f5b Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Thu, 22 Aug 2024 11:32:38 -0400 Subject: [PATCH] Acrolinx --- windows/security/docfx.json | 5 ++--- .../identity-protection/passkeys/index.md | 16 ++++++++-------- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/windows/security/docfx.json b/windows/security/docfx.json index 63f4cd80a9..4981ff2978 100644 --- a/windows/security/docfx.json +++ b/windows/security/docfx.json @@ -65,6 +65,7 @@ "dstrome2", "garycentric", "jborsecnik", + "padmagit77", "rjagiewich", "rmca14", "shdyas", @@ -73,9 +74,7 @@ "traya1", "v-dihans", "v-stchambers", - "v-stsavell", - "padmagit77", - "aditisrivastava07" + "v-stsavell" ], "searchScope": [ "Windows 10" diff --git a/windows/security/identity-protection/passkeys/index.md b/windows/security/identity-protection/passkeys/index.md index 2cf7429c80..be6abe05f7 100644 --- a/windows/security/identity-protection/passkeys/index.md +++ b/windows/security/identity-protection/passkeys/index.md @@ -31,7 +31,7 @@ FIDO protocols prioritize user privacy, as they're designed to prevent online se ### Passkeys compared to passwords -Passkeys have several advantages over passwords, including their ease of use and intuitive nature. Unlike passwords, passkeys are easy to create, don't need to be remembered, and don't need to be safeguarded. Additionally, passkeys are unique to each website or application, preventing their reuse. They're highly secure because they're only stored on the user's devices, with the service only storing public keys. Passkeys are designed to prevent attackers to guess or obtain them, which helps to make them resistant to phishing attempts where the attacker may try to trick the user into revealing the private key. Passkeys are enforced by the browsers or operating systems to only be used for the appropriate service, rather than relying on human verification. Finally, passkeys provide cross-device and cross-platform authentication, meaning that a passkey from one device can be used to sign in on another device. +Passkeys have several advantages over passwords, including their ease of use and intuitive nature. Unlike passwords, passkeys are easy to create, don't need to be remembered, and don't need to be safeguarded. Additionally, passkeys are unique to each website or application, preventing their reuse. They're highly secure because they're only stored on the user's devices, with the service only storing public keys. Passkeys are designed to prevent attackers to guess or obtain them, which helps to make them resistant to phishing attempts where the attacker might try to trick the user into revealing the private key. Passkeys are enforced by the browsers or operating systems to only be used for the appropriate service, rather than relying on human verification. Finally, passkeys provide cross-device and cross-platform authentication, meaning that a passkey from one device can be used to sign in on another device. [!INCLUDE [passkey](../../../../includes/licensing/passkeys.md)] @@ -113,7 +113,7 @@ Pick one of the following options to learn how to save a passkey, based on where :::row::: :::column span="4"::: - 4. Select your linked device name (e.g. **Pixel**) > **Next** + 4. Select your linked device name (for example, **Pixel**) > **Next** :::column-end::: :::row-end::: :::row::: @@ -241,7 +241,7 @@ Pick one of the following options to learn how to use a passkey, based on where :::row::: :::column span="4"::: - 4. Select your linked device name (e.g. **Pixel**) > **Next** + 4. Select your linked device name (for example, **Pixel**) > **Next** :::column-end::: :::row-end::: :::row::: @@ -329,12 +329,12 @@ To configure devices with Microsoft Intune, [you can use a custom policy][INT-2] | Setting | |--| -|
  • OMA-URI: `./Device/Vendor/MSFT/Policy/Config/Bluetooth/`[AllowAdvertising][CSP-1]
  • Data type: **Integer**
  • Value: `0`

    • When set to `0`, the device won't send out advertisements. | -|
  • OMA-URI: `./Device/Vendor/MSFT/Policy/Config/Bluetooth/`[AllowDiscoverableMode][CSP-2]
  • Data type: **Integer**
  • Value: `0`

    • When set to `0`, other devices won't be able to detect the device. | +|
  • OMA-URI: `./Device/Vendor/MSFT/Policy/Config/Bluetooth/`[AllowAdvertising][CSP-1]
  • Data type: **Integer**
  • Value: `0`

    • When set to `0`, the device doesn't send out advertisements. | +|
  • OMA-URI: `./Device/Vendor/MSFT/Policy/Config/Bluetooth/`[AllowDiscoverableMode][CSP-2]
  • Data type: **Integer**
  • Value: `0`

    • When set to `0`, other devices can't detect the device. | |
  • OMA-URI: `./Device/Vendor/MSFT/Policy/Config/Bluetooth/`[AllowPrepairing][CSP-3]
  • Data type: **Integer**
  • Value: `0`

    • Prevents specific bundled Bluetooth peripherals from automatically pairing with the host device. | |
  • OMA-URI: `./Device/Vendor/MSFT/Policy/Config/Bluetooth/`[AllowPromptedProximalConnections][CSP-4]
  • Data type: **Integer**
  • Value: `0`

    • Prevents users from using Swift Pair and other proximity-based scenarios. | -|
  • OMA-URI: `./Device/Vendor/MSFT/Policy/Config/Bluetooth/`[ServicesAllowedList][CSP-5]
  • Data type: **String**
  • Value: `{0000FFFD-0000-1000-8000-00805F9B34FB};{0000FFF9-0000-1000-8000-00805F9B34FB}`

    Set a list of allowable Bluetooth services and profiles:
    - FIDO Alliance Universal Second Factor Authenticator service (`0000fffd-0000-1000-8000-00805f9b34fb`)
    - FIDO2 secure client-to-authenticator transport service (`0000FFF9-0000-1000-8000-00805F9B34FB`)

    For more information see [FIDO CTAP 2.1 standard specification][BT-1] and [Bluetooth Assigned Numbers document][BT-2]. | -|
  • OMA-URI: `./Device/Vendor/MSFT/Policy/Config/DeviceInstallation/`[PreventInstallationOfMatchingDeviceIDs][CSP-6]
  • Data type: **String**
  • Value: ``

    • This configuration disables the existing Bluetooth Personal Area Network (PAN) network adapter, preventing the installation of the Bluetooth Network Adapter that can be used for network connectivity or tethering. | +|
  • OMA-URI: `./Device/Vendor/MSFT/Policy/Config/Bluetooth/`[ServicesAllowedList][CSP-5]
  • Data type: **String**
  • Value: `{0000FFFD-0000-1000-8000-00805F9B34FB};{0000FFF9-0000-1000-8000-00805F9B34FB}`

    Set a list of allowable Bluetooth services and profiles:
    - FIDO Alliance Universal Second Factor Authenticator service (`0000fffd-0000-1000-8000-00805f9b34fb`)
    - FIDO2 secure client-to-authenticator transport service (`0000FFF9-0000-1000-8000-00805F9B34FB`)

    For more information, see [FIDO CTAP 2.1 standard specification][BT-1] and [Bluetooth Assigned Numbers document][BT-2]. | +|
  • OMA-URI: `./Device/Vendor/MSFT/Policy/Config/DeviceInstallation/`[PreventInstallationOfMatchingDeviceIDs][CSP-6]
  • Data type: **String**
  • Value: ``

    • Disables the existing Bluetooth Personal Area Network (PAN) network adapter, preventing the installation of the Bluetooth Network Adapter that can be used for network connectivity or tethering. | #### [:::image type="icon" source="../../images/icons/powershell.svg" border="false"::: **PowerShell**](#tab/powershell) @@ -370,7 +370,7 @@ New-CimInstance -Namespace $namespaceName -ClassName $className -Property @{ --- >[!NOTE] ->Once the settings are applied, if you try to pair a device via Bluetooth, it will initailly pair and immediately disconnect. The Bluetooth device is blocked from loading and not availabe from Settings nor Device Manager. +>Once the settings are applied, if you try to pair a device via Bluetooth, it will initially pair and immediately disconnect. The Bluetooth device is blocked from loading and not available from Settings nor Device Manager. ## :::image type="icon" source="../../images/icons/feedback.svg" border="false"::: Provide feedback