Hacker News new | ask | show | jobs
by kadoban 894 days ago
No, the final one only required local access as the user in question (this is mentioned after the one you're referring to that required AD Domain takeover).
1 comments
jabart 894 days ago
Ah yeah.

1. Off workstation decrypt using the AD DPAPI Backup keys. 2. Local DPAPI List and Dump for the windows hello biometric key

link