I'm setting up TrueNAS for the first time and have been dabbling for months. I'd like to understand more about user accounts and using the "Microsoft Account" checkbox. I am using local accounts and groups. I have verified that if I set my email and password to match my Microsoft account, I am able to log in and easily get to Network shares. This is pretty awesome and convenient but also a bit scary for me.
I'm pretty careful with my Microsoft Account password, so I don't like storing it on another system. How does authentication work, and what exactly is TrueNas storing? Is it special to TrueNAS, or something in FreeBSD? I am worried about two things - first, that this credential is stored in a way that it can be retrieved directly, and second that it could be some token that could be reused in other places. I'm looking for a pretty technical answer, that probably includes terms like "cryptographically hashed" and "salted" etc.
TrueNAS hardware:
Ryzen 5950X on an ASUS ROG Crosshair VIII Dark Hero X570S motherboard, running Proxmox with TrueNAS as a VM passing in 8 CPUs, 16GB Ram, and MZHOU PCIe SATA Card 8 Port.
Disclaimer: I work at Microsoft, but I don't work on Windows, authentication, or storage.
Thanks in advance!
I'm pretty careful with my Microsoft Account password, so I don't like storing it on another system. How does authentication work, and what exactly is TrueNas storing? Is it special to TrueNAS, or something in FreeBSD? I am worried about two things - first, that this credential is stored in a way that it can be retrieved directly, and second that it could be some token that could be reused in other places. I'm looking for a pretty technical answer, that probably includes terms like "cryptographically hashed" and "salted" etc.
TrueNAS hardware:
Ryzen 5950X on an ASUS ROG Crosshair VIII Dark Hero X570S motherboard, running Proxmox with TrueNAS as a VM passing in 8 CPUs, 16GB Ram, and MZHOU PCIe SATA Card 8 Port.
Disclaimer: I work at Microsoft, but I don't work on Windows, authentication, or storage.
Thanks in advance!