With a denser battery the Arlo Pro 6 adds more battery life over the previous iteration, while maintaining the excellent 2K image quality and flexible installation. With an Arlo Secure subscription you get very powerful object detection, with the highest tier adding person and vehicle recognition into the mix, plus custom AI detection where you can spot an open gate, missing wheelie bin or pretty much anything else you can think of. All of this together makes the Arlo Pro 6 one of the best and most comprehensive security cameras, but subscriptions are also very expensive and have relatively short video history periods compared to the competition.
You need Arlo Secure for cloud storage and object detection
Introduction
The Arlo Pro 6 2k+ is a somewhat familiar-looking device.
In fact, it looks pretty much like every Arlo camera back to the Arlo Pro 3. Don’t judge this camera on its external looks, as there are enough internal changes that make it a worthy successor to the previous generation (the Arlo Pro 5), including easier setup and a denser battery.
With a more powerful cloud subscription service behind the camera, the Pro 6 can form part of a very capable security system, just don’t expect it to be cheap.
Design and Installation
USB-C Charging
Wall mountable
Can connect to Wi-Fi or a Smart Hub
You can buy the Arlo Pro 6 2K in packs of one, two, three or four, with more expensive kits working out cheaper per camera.
Take a look at the Arlo Pro 5, and the Pro 6 doesn’t seem that different: both look the same, have the same resolution, have a spotlight and are controlled via the same app and cloud service.
But, look a little more closely, and there are some clear changes. First, the camera has a USB-C port, rather than the old magnetic connector of the previous model. That’s a good change, as any USB-C cable can be used, and you don’t have to worry about losing the proprietary connector. In my experience, the USB-C cable seems to charge the battery slightly faster, too.
Talking of the battery, the new version has a higher-density pack, with 15% more battery life. That should help reduce how often you have to take the camera down for charging, although that depends on where it’s pointed and how often recording is triggered.
Bluetooth is a new addition to the camera, too, which speeds up discovery time when installing the camera. Granted, you only need that once, but I’ll take anything that makes life easier.
This camera can be connected to Wi-Fi directly or to a Smart Hub, if you have one. A Smart Hub also provides offline recording, although you do lose many of the camera’s best features if doing so.
If you want to go offline and avoid paying for a cloud subscription, something like the EufyCam S4 might make more sense.
The Arlo Pro 6 comes with a fully adjustable wall mount, which is the same as the one the company has used for years. That’s handy, as you can unscrew an older camera and fit the new one if you need to.
If starting from scratch, the mount is easy to attach to a wall and gives plenty of flexibility to point the camera where you want it.
Features
Needs a subscription to get the most out of the camera
Custom AI detection with the highest subscription tier
Flexible object detection
The Arlo Pro 6 slots into the Arlo app alongside any other cameras you might have. It remains one of my favourite security apps, as it’s so configurable. There’s a home screen that lets me select the location’s modes: Arm Away, Arm Home and Standby.
Just like with a security system, such as the Ring Alarm, these modes let me choose which cameras are active at any time. For example, I have my outdoor cameras record when set to Arm Home, and everything turned on when set to Arm Away.
This page also has customisable widgets, so you can have shortcuts to any camera you want, but you don’t have to have previews of all cameras.
As mentioned above, if you have a Smart Hub you can record offline, but you lose out on all of the smart features. Realistically, then, you need to have an Arlo Secure plan, just be prepared to pay a lot for it.
Arlo Secure gives you cloud recording for one camera at a resolution of up to 2K, with just seven days of history (very stingy), plus Person, Animal, Vehicle and Package Detection.
Upgrade to Secure Multi-Cam and you get cloud storage for four cameras, but otherwise the same features as the single camera package. This costs £11.99 a month, which is still expensive but better overall value than the single camera option if you have more than one camera.
The most advanced features come with the Arlo Secure Plus subscription, which upgrades recording to a maximum of 4K (not relevant here, but it is if you have an Ultra camera), 14 days of cloud history and the new AI detection features, which I’ll get into shortly. This costs £19.99 a month, making it very expensive.
With the more basic package, I can easily cut down on alerts by using motion zones to focus the camera on important areas, and then the excellent people, animal and vehicle detection. Get the right mix, and the number of alerts plummets.
Pay for the more expensive package and you get person recognition (facial recognition, as most people would call it). You can let the camera pick up people and name them, or feed in photos from your photo library to give the Pro 6 a head start.
Oddly, people detection is only available on a single camera in your home, so pick the one that makes most sense; most other systems that I’ve tested run facial recognition across all devices.
Vehicle recognition is another new feature. It’s like facial recognition for cars, in that you can tell the camera to spot certain vehicles. This can run on all cameras.
There’s also Custom Detection, which involves taking two snapshots with something different between them: a gate open or a wheelie bin missing, for example. You can then get alerts when the action is detected, either through motion being triggered, by firing the rule at a set time, or when the mode changes.
I set up one to watch for the back door opening, but this proved to be not very reliable, often triggering when there was any motion. I think that the glass doors, and the distance from the camera, confused the system, so Custom Detection might work better with bigger, more obvious changes.
It’s all very clever, and the system is virtually limitless, provided you can train the system, but it’s a very expensive option to have.
All video is recorded to the cloud (assuming you have a subscription), and is available in the Feed section. This can be filtered by date, by device, and then by event type, of which there are far too many to name here. There’s enough granularity to quickly find a clip, although Arlo doesn’t have the fancy AI search that Ring now has.
Performance
Sharp 2K video
Excellent night vision
Arlo has long been towards the top of the quality tables, and the Pro 6 keeps that record up. Footage is very similar to that from the Pro 5, which isn’t a criticism.
During the day, the footage is exceptionally sharp, and detailed through the frame, with the 160° lens capturing a lot of what’s going on. Colours are excellent and there’s detail through the frame. This is about as good as you can expect from a 2K video camera.
At night, the Pro 6 can use its spotlight to shoot in full colour, and the results are impressive, with almost as much detail as during the day. The only real change is that motion gets a bit blurry, so it takes a bit of hunting to find a clip where someone’s face is clear; those frames do exist. Again, I’ve not seen better from a 2K camera.
Arlo says that the battery can last up to eight months on a single charge, although how that pans out will depend on where the camera’s pointing. I recommend angling any battery powered security camera away from high activity areas, such as a main road, to increase battery life.
Based on initial testing, I think that I’d get a good five months between charging, if not longer.
Should you buy it?
You want excellent quality and flexibility
Brilliant 2K footage day and night, flexible placement and long battery life all make this camera a winner whether it’s inside or out.
You want something cheaper to run
This camera works best with an Arlo Secure subscription, which is very expensive compared to the competition, even though it is very good.
Final Thoughts
The overall Arlo system and app remain one of the best available, and the new AI features let you do more than with any other camera, thanks to the training mode. But you have to be prepared to pay for the luxury, and Arlo Secure is expensive and has limited video history compared to the competition.
If you’ve got Arlo Pro 5 cameras, there’s very little here to make it worth the upgrade, but if you’ve got older cameras or are starting from scratch, the Arlo Pro 6 is a brilliant, high-quality camera. If you’d rather have something with cheaper running costs, then read my guide to the best outdoor security cameras.
How we test
Unlike other sites, we test every security camera we review thoroughly over an extended period of time. We use industry standard tests to compare features properly. We’ll always tell you what we find. We never, ever, accept money to review a product.
Find out more about how we test in our ethics policy.
Used as our main security camera for the review period
We test compatibility with the main smart systems (HomeKit, Alexa, Google Assistant, SmartThings, IFTTT and more) to see how easy each camera is to automate.
We take samples during the day and night to see how clear each camera’s video is.
FAQs
Do you need a cloud subscription to use the Arlo Pro 6 2K?
Without a subscription you can view the live feed and get basic notifications, and record to a hub; you need a subscription for cloud storage and for the more advanced detection options.
What’s the difference between the Arlo Pro 6 2K and the Arlo Pro 5?
The Pro 6 has a higher density battery, USB-C charging and it has Bluetooth for faster setup.
In a letter to the residents of Tumbler Ridge, Canada, OpenAI CEO Sam Altman said he is “deeply sorry” that his company failed to alert law enforcement about the suspect in a recent mass shooting.
After police identified 18-year-old Jesse Van Rootselaar as a suspected shooter who allegedly killed eight people, the Wall Street Journal reported that OpenAI had flagged and banned Van Rootselaar’s ChatGPT account in June 2025 after she described scenarios involving gun violence. The company’s staff debated alerting police but ultimately decided against it, eventually reaching out to Canadian authorities after the shooting.
OpenAI has since said that it is improving safety protocols, for example by putting more flexible criteria in place to determine when accounts get referred to authorities, and by establishing direct points of contact with Canadian law enforcement.
In Altman’s letter, which was first published in the local newspaper Tumbler RidgeLines, the CEO said he’d discussed the shooting with Tumbler Ridge Mayor Darryl Krakowka and British Columbia Premier David Eby, and they’d all agreed “a public apology was necessary,” but “time was also needed to respect the community as you grieved.”
“I am deeply sorry that we did not alert law enforcement to the account that was banned in June,” Altman said. “While I know words can never be enough, I believe an apology is necessary to recognize the harm and irreversible loss your community has suffered.”
Altman also said that OpenAI’s focus will “continue to be on working with all levels of government to help ensure nothing happens like this again.”
In a post on X, Eby said Altman’s apology is “necessary, and yet grossly insufficient for the devastation done to the families of Tumbler Ridge.”
Is truth determined by the size of the audience it reaches?
If so, Michael—a new film about the pop singer Michael Jackson that is on track to have the biggest-ever opening for a music biopic, with projected earnings of $70 million at the US box office, despite critics saying it sanitizes the reality of who Jackson actually was—intends to supplant the King of Pop as the apotheosis of artistic virtue.
The film’s release has sparked a civil war online, between those eager to reclaim the music and myth of Jackson, and those who see any celebration of him as a failure of accountability.
Musically, Jackson was in a class all his own. In the pre-social media days, before AI artists charted on Billboard and he became a recurring meme online, Jackson was the epitome of monoculture: 13 number one singles, countless awards, twice inducted into the Rock & Roll Hall of Fame. He remains, even in death, one of the best-selling music artists of all time. But his legacy was also defined by multiple allegations of sexual abuse, an occasionally eccentric personal life, and Jackson’s on-record admission of sharing his bed with underage boys. “This guy was worse than Jeffrey Epstein,” Dan Reed, the director of Leaving Neverland, the 2019 Emmy-winning HBO documentary about Jackson’s alleged sexual misconduct, recently told the Hollywood Reporter.
Director Antoine Fuqua, who maintains Jackson’s innocence, never intended to fully avoid the allegations that circled Jackson later in life. According to him, the original cut of Michael included a reenactment of the 1993 police raid on Neverland Ranch, where Jackson was strip-searched to verify the physical description of his first accuser, Jordan Chandler. But the scene was ultimately scrapped along with the film’s entire third act—totaling $15 million in reshoots—because of a legal clause in a settlement with Chandler that prohibited the depiction of his experience on screen.
The result is a film that stops abruptly in 1988 and erases the most controversial two decades of Jackson’s life. Instead, the film emphasizes Jackson’s musical legacy—the story arc is structured around career-defining music moments, like the making of the “Thriller” video—over the more contentious aspects of his personal behavior.
Scrubbing the Neverland Ranch scene, but also choosing to completely write around any of Jackson’s alleged misconduct, is not surprising given that the Jackson estate had approval over the use of his music, essentially granting it veto power over the film’s final cut. One argument that keeps surfacing on social media is that critics should judge Michael on its own terms rather than on what they think it should have been. “It seems like people wanted a movie [that] was never going to exist,” noted one X user. “So it was never going to be salacious or introspective”
Jackson’s fans argue the allegations shouldn’t eclipse his musical and artistic legacy, separating the artist from the work, while critics insist that a biopic should present a complete picture of Jackson, regardless of how unflattering that picture may be. As film critic Sean Burns characterized it on X, ending “with the release of Bad is like ending an OJ biopic with him winning the Heisman.” A good Michael Jackson movie, wrote the artist Harmony Holiday, “would be part tragedy, part farce,” calling attention to how the film lacks the real kind of interiority that made Jackson so polarizing.
“Watching it feels more like being frog-marched through a wax museum than watching a movie, each milestone restaged with an off-putting, uncanny-valley resemblance and no interiority,” critic Alison Willmore noted in Vulture.
A 31-year-old engineer and computer scientist was identified in media reports and by President Donald Trump as the suspected shooter at the White House Correspondents Dinner on Saturday night.
Cole Tomas Allen, of Torrance, California, was apprehended following the firing of shots at the Washington Hilton, where Trump was scheduled to deliver remarks to a ballroom full of journalists, cabinet officials, and Hilton staff. Allen’s name surfaced in media reports shortly before Trump posted two photos of a suspect following his apprehension. The person in the photos Trump posted matches photos of Allen.
In dramatic scenes, several shots were heard outside the ballroom, after which Trump and Vice President JD Vance were immediately rushed off the stage by the United States Secret Service. In the immediate aftermath of the shooting incident, it briefly appeared as if the event would proceed—Trump posted “LET THE SHOW GO ON” on Truth Social—but the event was eventually shut down.
According to the Metropolitan Police Department, the suspect “charged” a Secret Service checkpoint at the Hilton hotel, and was intercepted by agents. MPD interim chief Jeffery Carroll said the suspect was carrying a “shotgun, handgun, and multiple knives.”
At a White House press conference following the shooting, Trump said one United States Secret Service agent was shot but saved from serious injury by his bulletproof vest. Trump said the agent, who was not named, is “doing great” and in “great shape.” No other injuries were immediately reported.
The suspect was later transported to a local hospital “to be evaluated,” according to Carroll, who said he appears to be a “lone actor.”
Around the time Trump’s press conference began on Saturday night, he posted a picture on his Truth Social account appearing to show the suspected shooter on the ground, with his hands restrained behind his back, and a foil warming blanket covering the lower half of his body.
A WIRED review of public databases shows a seemingly minimal online presence associated with Allen’s name. According to his LinkedIn profile, he graduated from Caltech in 2017 with a bachelor’s in mechanical engineering and from California State University Dominguez Hills in 2025 with a master’s in computer science. A photo that appears to be of Allen appears on the Caltech site identifying him as a member of the school’s Mechanical Engineering 72 class, described by the school as a “two-term engineering design lab” for building robots and autonomous vehicles. His name is also listed in a 2025 Dominguez Hills graduation program. A search in a public facial recognition database returns only two images, both apparently of him as an undergraduate.
According to the shooter’s LinkedIn profile, he has been employed part-time since March 2020 at C2 Education, a private company that helps students prepare for the SAT and ACT exams. In December 2024, C2 Education said in posts on LinkedIn and Facebook that he was the company’s “December Teacher of the Month.”
Since 2018, the suspected shooter self-identified on his LinkedIn profile as a “self-employed” indie game developer. He appears to have released an “atomic fighting game” called Bohrdom on Steam in 2018. He advertised the game using accounts on YouTube and X that appeared to have little to no following. The caption for a trailer of the game describes it as a “non-violent, skill-based, asymmetrical fighting game loosely based on a chemistry model that is itself loosely based on reality.”
Relatives of Allen’s did not immediately respond to requests for comment. C2 Education and the Metropolitan Police Department also did not immediately respond to requests for comment.
Sharma described the decision-making process as an equation, noting that memory costs influence multiple variables. She said Microsoft’s focus is on building a console capable of running great games – including PC titles – while accounting for market conditions that remain in flux.
In a recent experiment, Anthropic created a classified marketplace where AI agents represented both buyers and sellers, striking real deals for real goods and real money.
The company admitted this test — which it called Project Deal — was only “a pilot experiment with a self-selected participant pool” of 69 Anthropic employees who were given a budget of $100 (paid out via gift cards) to buy stuff from their coworkers.
Nonetheless, Anthropic said it was “struck by how well Project Deal worked,” with 186 deals made, totaling more than $4,000 in value.
The company said it actually ran four separate marketplaces with different models — one that was “real” (where everyone was represented by the company’s most-advanced model, and with deals actually honored after the experiment) and another three for study.
Apparently, when users are represented by more advanced models, they get “objectively better outcomes,” Anthropic said. But users didn’t seem to notice the disparity, raising the possibility of “‘agent quality’ gaps” where “people on the losing end might not realize they’re worse off.”
Also, the initial instructions given to the agents didn’t appear to affect sale likelihood or the negotiated prices.
Microsoft is rolling out a major overhaul of its Windows Insider Program, aiming to simplify how early Windows features are tested while addressing long-standing user complaints around complexity and control. The update marks one of the biggest structural changes to the program in years, signaling a shift in how Microsoft wants to collaborate with its testing community.
A Simpler Insider Program Built Around Feedback And Control
The revamped program introduces a streamlined structure, reducing multiple Insider channels into two primary ones: Beta and Experimental. This replaces the earlier, more fragmented system that included Dev, Canary, and Release Preview channels, which often confused users about where they belonged.
Microsoft is also making it easier for users to move between channels or exit the program without needing a full system reset, thanks to in-place upgrade options.
Alongside structural changes, the company is rolling out new preview builds and features that focus heavily on usability. Early updates include improvements to Windows Update, such as the ability to pause updates, avoid forced restarts, and gain more control over when updates are installed.
This shift reflects direct feedback from users who have long complained about disruptive updates and lack of control.
Why This Overhaul Matters For Windows As A Platform
The Windows Insider Program is more than just a testing environment. It plays a critical role in shaping the future of Windows by allowing millions of users to test features before they reach the general public.
By simplifying the program, Microsoft is attempting to make feedback more meaningful and participation more accessible. The previous multi-channel system often led to fragmentation, with users unsure about stability levels or feature timelines.
The new approach suggests Microsoft is prioritizing clarity and efficiency over experimentation chaos. It also indicates a broader shift toward improving Windows 11’s overall quality, rather than rushing out features without sufficient refinement.
Why This Should Matter To You As A User
Even if you’re not a Windows Insider, these changes will likely affect your everyday experience. The Insider Program acts as a testing ground for features that eventually roll out to all users. Improvements in update control, system stability, and feature clarity will directly influence future Windows releases.
For enthusiasts and developers, the changes make it easier to participate in testing without dealing with confusing channel choices or risky upgrades. For regular users, it means the features you eventually receive are more likely to be polished and less disruptive.
In simple terms, a better Insider Program leads to a better Windows experience overall.
What Comes Next For Microsoft’s Insider Strategy
The rollout of the revamped program is happening in phases, with users gradually being moved into the new channel structure. Microsoft is expected to continue refining the experience, focusing on transparency, clearer communication, and stronger integration of user feedback into development decisions. There are also indications that future updates will place greater emphasis on performance, reliability, and user control rather than just adding new features.
This overhaul doesn’t introduce a new version of Windows, but it may be just as important. It reflects a recognition from Microsoft that building a better operating system starts with listening more effectively to the people who use it.
When a threat actor walks into your network using a legitimate username and password, which control stops them?
For most financial institutions, the honest answer is: nothing catches it immediately. The attacker looks like an authorised user. They move laterally, escalate privileges, and map critical systems for an average of 186 days before the breach is even identified — and a further 55 days to contain it — according to IBM’s Cost of a Data Breach Report (2025).
By then, the operational damage is done, and the regulatory clock has already started.
On January 17, 2025, the Digital Operational Resilience Act (DORA) entered into application across the EU. Article 9 of the regulation makes credential security a binding financial risk control, with supervisory consequences for institutions that fall short.
The question is no longer whether your authentication posture meets best practice. It is whether it meets the law — and whether you can prove it.
This article traces the specific Article 9 requirements that govern credential management, explains why a compromised password is an operational resilience failure under DORA’s framework, and outlines the practical controls that close the gap.
The threat that DORA was built to counter
Stolen credentials are the single largest initial access vector in 2025, accounting for 22% of all data breaches, per Verizon’s Data Breach Investigations Report. For financial institutions, the sector-specific cost of that exposure averages $5.56 million per incident, according to IBM’s Cost of a Data Breach Report — down from $6.08 million in 2024, yet still the second-highest of any industry globally.
The supply side of credential theft has been fully industrialised. Initial Access Brokers sell verified corporate network access for an average of $2,700, with 71% of listings including privileged credentials — pre-packaged access that requires no technical skill to exploit, according to Rapid7 research.
Infostealers such as Lumma, RisePro, StealC, Vidar, and RedLine automate credential harvesting at scale. IBM X-Force data shows their delivery via phishing increased 84% year-on-year in 2024, with 2025 data pointing to an even steeper trajectory.
DORA’s Article 9 exists precisely to interrupt this chain. The regulation reflects a documented, ongoing threat to the operational continuity of European financial markets.
DORA Article 9 requires strong authentication, least-privilege access, and documented controls.
Passwork delivers all three — self-hosted, ISO 27001 certified, with full audit logs your compliance team can export on demand.
Article 9 of DORA — titled “Protection and Prevention” — sits within the ICT risk management framework mandated by Article 6. It sets out specific technical and procedural obligations that financial entities must implement.
Two provisions are directly relevant to credential management.
Article 9(4)(c) requires financial entities to “implement policies that limit the physical or logical access to information assets and ICT assets to what is required for legitimate and approved functions and activities only.” This is the least-privilege principle, stated as a legal obligation.
Article 9(4)(d) goes further, requiring entities to “implement policies and protocols for strong authentication mechanisms, based on relevant standards and dedicated control systems, and protection measures of cryptographic keys whereby data is encrypted based on results of approved data classification and ICT risk assessment processes.”
Unpacking that language in operational terms: MFA is mandatory. The reference to “relevant standards” points directly to FIDO2/WebAuthn — the most widely deployed authentication standard currently resistant to Adversary-in-the-Middle (AiTM) phishing kits, which can bypass SMS and TOTP-based MFA in real time. Cryptographic key management is a regulatory requirement.
Privileged access management (PAM) tools are not named explicitly in the regulation — but the controls they deliver map directly onto Article 9’s requirements. Session recording, just-in-time (JIT) access provisioning, and privileged credential vaulting are precisely the “dedicated control systems” the regulation describes.
Institutions that have not deployed these controls face a compliance gap that supervisors can act on.
The European Banking Authority (EBA) and ESMA’s Regulatory Technical Standards under DORA provide additional specificity on ICT risk management requirements, reinforcing the Article 9 baseline with sector-specific implementation guidance.
Credential compromise as an operational resilience failure
DORA’s stated purpose is to ensure financial entities can withstand, respond to, and recover from ICT disruptions. A credential compromise looks entirely different through that lens than it does through a security incident lens.
With an average dwell time of 186 days, a compromised credential does not produce a discrete security event. It produces a sustained, invisible threat to operational continuity — an attacker moving laterally, escalating privileges, and mapping critical systems while appearing as a legitimate user. It is a direct threat to the operational continuity DORA is designed to protect.
The breach of France’s national bank registry in January 2026 made the mechanics concrete. A threat actor obtained the credentials of a single civil servant with access to Ficoba — the interministerial database holding records on every bank account opened in France.
Using only that one account, the attacker accessed and extracted data on 1.2 million bank accounts, including IBANs, account holder names and addresses, and tax identification numbers.
The affected system was taken offline, operations at the registry were disrupted, and the incident was reported to France’s data protection authority, CNIL. The attack required no technical sophistication.
Under DORA, an incident of that scale at a financial entity would trigger mandatory reporting obligations under Article 19 — an initial notification within 4 hours of classification (and no later than 24 hours after detection), an intermediate report within 72 hours, and a final report within one month.
The third-party dimension: Vendor credentials are your credentials
DORA’s Chapter V places explicit obligations on financial entities regarding ICT third-party risk. The compliance perimeter does not stop at the institution’s own systems.
The Santander breach in May 2024 is the European reference point. Attackers used credentials stolen from employees of Snowflake to access a database containing customer and employee data across Spain, Chile, and Uruguay.
The credentials had been harvested months earlier by infostealer malware infecting contractor workstations. None of the compromised Snowflake accounts had multi-factor authentication enabled.
The entry point was not inside Santander. It was a vendor’s weak authentication posture — and it exposed data belonging to one of Europe’s largest banks without a single exploit being written.
Under DORA, a financial institution whose critical ICT provider suffers a credential-based breach faces direct regulatory exposure. Institutions must contractually require equivalent authentication standards from their vendors and audit compliance against those requirements.
A vendor’s password policy gap is not the vendor’s problem alone — it is the financial entity’s regulatory liability.
Building DORA-compliant credential management
Meeting Article 9’s requirements demands a structured programme across four areas.
Deploy phishing-resistant MFA first. FIDO2/WebAuthn-based authentication — hardware security keys, passkeys, platform authenticators. SMS and TOTP-based one-time passwords are not adequate against current attack techniques. Enforce phishing-resistant MFA for all users, with particular rigour on privileged accounts and remote access paths.
Enforce least-privilege access. JIT provisioning — granting elevated access only for the duration of a specific task — eliminates the standing privileges that make credential theft so damaging. Deactivate accounts immediately on offboarding. Dormant accounts are among the most common and most avoidable attack vectors.
Vault all credentials. Service account passwords, API keys, and privileged credentials must be stored in an encrypted, access-controlled credential vault. Manual credential management at scale is operationally unworkable and produces no audit trail. Passwork, a business password manager deployed on-premise within the institution’s own infrastructure, provides the encrypted vaulting, granular access controls, and complete activity history that Article 9 demands.
Monitor continuously. Anomalous login behaviour — unusual geolocations, off-hours access, lateral movement patterns — must trigger automated alerts. Reducing that 186-day average dwell time is the single most effective lever for cutting both financial exposure and DORA incident reporting obligations.
All four controls depend on the same foundation: how credentials are stored, shared, accessed, and monitored. Without structure at that layer, even well-designed policies fail at execution.
How Passwork supports DORA compliance in practice
Passwork is a corporate password manager certified to ISO/IEC 27001 and available as a self-hosted deployment — meaning your credential data never leaves your own infrastructure.
For financial entities navigating DORA’s Chapter V supply chain obligations, that distinction matters: a third-party SaaS credential store introduces exactly the kind of ICT dependency the regulation requires you to govern.
For institutions working through the four controls above, Passwork addresses the credential management dimension of each.
MFA enforcement across the credential layer. Passwork supports biometric, passkey, and security key MFA natively, with SAML SSO and LDAP integration for enterprise environments.
Role-based access control and least privilege. Permissions are assigned at vault and folder level, inherited from AD or LDAP groups, and updated automatically on directory changes. Offboarding revokes access to shared credentials in a single operation — logged and timestamped, producing the evidence an investigator will request under Article 9(4)(c).
Privileged account inventory and secure sharing. Passwork provides a structured, searchable repository of all organisational credentials, including shared administrative accounts. Encrypted vault sharing replaces informal channels that leave no audit trail and cannot be revoked.
Audit logs for compliance documentation. Every credential access, permission change, password reset, and sharing event is recorded in a tamper-evident log, exportable for compliance reporting and integrable with SIEM systems. A structured activity history is a substantively stronger response to a regulator than a policy document alone.
DORA compliance is as much an evidence problem as a technical one. The institutions that navigate enforcement most effectively are those that can produce documentation on demand.
Act before the audit
DORA has converted credential management from a security best practice into a binding financial risk control. Articles 9(4)(c) and 9(4)(d) are explicit: least-privilege access, strong authentication, and cryptographic key protection are legal obligations for every financial entity operating in the EU.
Operational resilience begins with identity — and identity begins with controlling who holds the keys.
Audit your credential controls against Article 9, document the findings, and have the evidence ready before a regulator asks. Under DORA, the absence of documentation is itself a finding.
Passwork is designed for exactly this situation: a self-hosted password manager that keeps credential data inside your own infrastructure, enforces MFA across every access point, and generates the tamper-evident audit logs that turn a compliance conversation from a liability into a demonstration. ISO/IEC 27001 certified, with LDAP and SAML SSO integration for enterprise environments.
A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or remove system packages and gain root permissions.
The flaw is identified as CVE-2026-41651 and received a high-severity rating of 8.8 out of 10. It has persisted for almost 12 years in the PackageKit daemon, a background service that manages software installation, updates, and removal across Linux systems.
Earlier this week, some information about the vulnerability was published, along with PackageKit version 1.3.5, which addresses the issue. However, technical details and a demo exploit have not been disclosed, to allow the patches to propagate.
An investigation from the Deutsche Telekom Red Team uncovered that the cause of the bug is the mechanism PackageKit uses to handle package management requests.
Specifically, the researchers found that commands like ‘pkcon install’ could execute without requiring authentication under certain conditions on a Fedora system, allowing them to install a system package.
Using the Claude Opus AI tool, they further explored the potential for exploiting this behavior and discovered CVE-2026-41651.
[Figure: Redacted PoC exploit for Pack2TheRoot. Source: Deutsche Telekom]
Impact and fixes
Deutsche Telekom’s Red Team reported their findings to Red Hat and PackageKit maintainers on April 8. They state that it’s safe to assume that all distributions that come with PackageKit pre-installed and enabled out-of-the-box are vulnerable to CVE-2026-41651.
The vulnerability has been present in PackageKit version 1.0.2, released in November 2014, and affects all versions through 1.3.4, according to the project’s security advisory.
The researchers’ testing confirmed that an attacker could exploit the CVE-2026-41651 vulnerability in the following Linux distributions:
The list is not exhaustive, though, and any Linux distribution using PackageKit should be treated as potentially vulnerable to attacks.
Users should upgrade to PackageKit version 1.3.5 as soon as possible, and ensure that any other software using the package as a dependency has been moved to a safe release.
Users can use the commands below to check if they have a vulnerable version of PackageKit installed and if the daemon is running:
dpkg -l | grep -i packagekit
rpm -qa | grep -i packagekit
Users can run systemctl status packagekit or pkmon to check if the PackageKit daemon is available and running, which indicates that the system may be at risk if left unpatched.
Although no details about the state of exploitation have been shared, the researchers noted that exploitation leaves strong signs of compromise, because it causes the PackageKit daemon to hit an assertion failure and crash.
Even if systemd recovers the daemon, the crash is observable in the system logs.
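The version and log checks described above, combined into one triage script as an added example (not code from the article, Deutsche Telekom or the PackageKit project). The affected range 1.0.2 through 1.3.4 comes from the advisory quoted above; the package names `packagekit` (dpkg) and `PackageKit` (rpm), the systemd abort messages matched in the journal, and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: triage helper for CVE-2026-41651 (not from the article or PackageKit).
# Affected range per the article: 1.0.2 through 1.3.4; fixed in 1.3.5.
PK_FIRST_AFFECTED="1.0.2"
PK_FIXED="1.3.5"

# "1:1.2.8-2ubuntu1" or "1.2.8-5.fc41" -> "1.2.8" (drop epoch and distro revision).
pk_upstream_version() {
    printf '%s\n' "$1" | sed -e 's/^[0-9]*://' -e 's/[-+~].*$//'
}

# True when $1 sorts strictly before $2 in version order (needs sort -V).
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# Prints one of: affected | fixed | predates | unknown
pk_verdict() {
    v=$(pk_upstream_version "$1")
    case "$v" in
        [0-9]*.[0-9]*) ;;
        *) echo unknown; return 0 ;;
    esac
    if version_lt "$v" "$PK_FIRST_AFFECTED"; then echo predates
    elif version_lt "$v" "$PK_FIXED"; then echo affected
    else echo fixed
    fi
}

# Counts journal lines (stdin) where systemd reports packagekit.service dying on
# SIGABRT or a core dump. Assumption: the assertion failure aborts the daemon, so
# systemd logs its usual "status=6/ABRT" / "core-dump" messages for the unit.
pk_crash_count() {
    grep -Ec 'packagekit\.service: .*(status=6/ABRT|core-dump)' || true
}

# Constructed sample journal lines (not real logs) for offline testing.
pk_sample_journal() {
    cat <<'EOF'
Apr 24 10:01:02 host systemd[1]: packagekit.service: Main process exited, code=dumped, status=6/ABRT
Apr 24 10:01:02 host systemd[1]: packagekit.service: Failed with result 'core-dump'.
Apr 24 10:01:03 host systemd[1]: Started packagekit.service - PackageKit Daemon.
Apr 24 10:05:00 host systemd[1]: cups.service: Main process exited, code=exited, status=0/SUCCESS
EOF
}

# Live check: package version, daemon state, and crash evidence in the journal.
pk_check_host() {
    ver=""
    if command -v dpkg-query >/dev/null 2>&1; then
        ver=$(dpkg-query -W -f='${Version}' packagekit 2>/dev/null) || ver=""
    fi
    if [ -z "$ver" ] && command -v rpm >/dev/null 2>&1; then
        ver=$(rpm -q --qf '%{VERSION}' PackageKit 2>/dev/null) || ver=""
    fi
    if [ -z "$ver" ]; then
        echo "PackageKit: not found via dpkg or rpm"
        return 0
    fi
    echo "PackageKit $ver: $(pk_verdict "$ver")"
    if command -v systemctl >/dev/null 2>&1; then
        # An inactive unit can still be started on demand over D-Bus.
        echo "daemon state: $(systemctl is-active packagekit 2>/dev/null || true)"
        echo "abort/core-dump lines in journal: $(journalctl -u packagekit --no-pager 2>/dev/null | pk_crash_count)"
    fi
}

if [ "${1:-}" = "--host" ]; then
    pk_check_host
fi
```

Run it with `--host` to check the local machine. A verdict of `affected` on a distribution package is a prompt to read the distribution's advisory, since vendors may backport the fix without changing the upstream version number.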
Although there are plenty of premium soundbars available to buy, and the very concept was, at one point, an expensive accessory that only a few home theatre enthusiasts could enjoy, it’s now possible to pick up a soundbar with a budget price tag attached. Even if you only have around £100 / $100 to spend, you can still find a soundbar to elevate your TV’s audio, and thanks to the hard work of our tech experts, we know which ones are best to buy.
Even though soundbars have been around for quite some time, and we’ve honestly tested more than we care to count, there’s a good chance that you might be someone who’s looking to buy their very first soundbar, and in which case it’s worth covering the basics before we move on to the options that our team recommend.
As TVs have only gotten slimmer over the years, this has usually come at the expense of built-in speakers as there’s only so much sound quality you can derive when there isn’t a lot of space available. Soundbars offer a return to form, acting as dedicated speakers that can focus on delivering amazing audio, whilst your TV works solely on the visual side of things.
If you care about good audio quality even a little bit then we can’t recommend soundbars enough. They’re fantastic for everything from elevating vocals so that you can actually hear what characters are saying, to delivering powerful bass that makes action scenes even more intense. Regardless of how much a soundbar costs, we put them all through a series of rigorous tests to see how they perform across multiple use cases.
You can read about our testing process in greater detail below, or skip ahead to get straight to our current recommendations for soundbars that don’t break the bank. If you decide that you’d rather save up and go with a brand that costs a little more then you can find more premium options in our round-up for the best soundbars overall. Similarly, anyone wanting to do a full visual/audio upgrade in one go can also check out the best TVs.
How we test soundbars
Soundbars were created to boost TV sound quality – which means we end up watching a lot of TV. We play everything – news reports for voices, movies for scale and effects steering – to ensure that the soundbars that come through the doors at Trusted Reviews are given a proper challenge. We’ll play different genres of music, too, since a good soundbar should be capable of doubling-up as a great music system.
More complex soundbars feature network functionality for hooking up to other speakers and playing music around the home, so we test for connectivity issues and ease of use. We cover the spectrum of models available, everything from cheap soundbars costing less than £100/$100 to those over £1000/$1000, to ensure our reviews benefit from our extensive market knowledge. Every product is compared to similarly priced rivals, too.
Pros
Great with movies and music
Well-integrated bass
Low-profile and well-made cabinet
Exceptional value
Easy setup
When it comes to budget soundbars, the one that’s been the top of our list for several years is the Wharfedale Vista 200S. It’s been on the market since around 2019, and while the price has fluctuated, you can get it now for a reasonable price.
The design is one we found attractive in appearance while the build quality is durable. The black finish and glossy top surface doesn’t scream cheap, and with a width of 900mm, it’s made to partner TVs up to 65-inches in size. Its slim form factor also means you won’t be living in fear of the soundbar blocking the picture.
In terms of features, there’s not much aside from its active wireless subwoofer. If you want wireless connectivity, you’d be better off seeking the smaller but slightly more expensive Sonos Ray. There are three preset EQ settings for media playback in Movies, Music and News to optimise the soundbar’s sound for those types of content.
Our reviewer found the sound was especially good, with the 200S putting in a great performance across the frequency range with a top-end that didn’t suffer from a lack of detail along with some punchy bass. We also observed the Vista 200S could get loud without sounding harsh or compressed due to its 120W of built-in amplification. It dealt with dialogue well, even without a dedicated centre channel, and if you’re interested in playing music, then it delivers on a smooth and clear performance.
Alternatives around this price include the Sharp HT-SBW202 and the Yamaha SR-C30A, but even after a few years, we haven’t heard a rival that offers as much performance-per-pound at this price as the Wharfedale.
Pros
Clean and powerful TV audio
Surprising amount of bass
Wide soundstage
Optional surround sound
Cons
Remote setup can be fiddly
Better at TV than music
If you’re looking for a compact and affordable soundbar, the Sonos Ray is our top pick. Designed to make non-HDMI TVs sound better, the Ray is smaller and has fewer features than other Sonos soundbars, but that doesn’t mean it doesn’t offer powerful sound.
The Sonos Ray has a thin and compact design with curved ends forming a lozenge shape and the option of a black or white finish. The Ray is only slightly smaller than the Sonos Beam at 71 x 559 x 95mm and, like the Polk Signa S4, pairs well with TVs that measure up to 55-inches. You can choose to sit the soundbar in front of your TV, mount it on a wall or even place it in an open cabinet if it’s big enough to accommodate it.
The Ray doesn’t come with an HDMI port, sticking with just an optical S/PDIF input and providing a cable in the box. There are touch controls on top of the soundbar for controlling playback, skipping tracks, and adjusting the volume.
The setup is quick and the Trueplay configuration allows you to tune the soundbar to your room. The Ray has an IR input, so you can tune it to use your TV’s remote to control the volume.
Then there’s the app, which makes it easy to connect and disconnect from rooms with multiroom support, as well as play music from Spotify, Apple Music, Tidal, Deezer or via AirPlay 2.
There’s no Dolby Atmos audio but Dolby Digital still sounds great, albeit not as clean and detailed. There’s also no microphone for voice commands. You can set up skills and control the soundbar with your favourite voice assistant, but you’ll need a separate smart speaker to do so.
Despite its small size, the Sonos Ray has a surprisingly wide soundscape, offering a clear improvement over the audio from the TV we had paired it with. The Speech Enhancement setting boosts voices, and there’s a Night Sound feature for boosting quiet sounds and limiting loud sounds later in the evening. The bass is effective too, though not as room-shattering as the Sonos Arc’s bass response.
Pros
Great bass
Customisable RGB lighting
Razer Synapse companion app
Full and warm sound during music and gaming
Cons
Subwoofer too large for a desk
Lack of ports
Bluetooth audio is less reliable
The Razer Leviathan V2 is our top affordable gaming soundbar, delivering great audio whether you’re gaming or listening to music.
The Leviathan V2 is one of the more toned-down devices we’ve tested from Razer. Both the soundbar and subwoofer sport a matte black finish, with the latter also free of any RGB lighting or other effects. The soundbar is small and slim, fitting snugly under a monitor for a clean look, though you may need to place the subwoofer under your desk depending on the size of your furniture.
The soundbar feels sturdy and comes with another set of feet for tilting it upwards, but the port selection is lacking. Razer removed the 3.5mm input found on its predecessor, leaving just USB-C and Bluetooth. There’s also a simple selection of buttons, including power, volume, source, and Bluetooth.
18-zone custom RGB lighting lets you customise the soundbar to fit the rest of your gaming setup, as well as match the cues in games and songs. There’s a range of audio presets in the Razer Synapse app, with custom settings for music and gaming, as well as a Bass Boost mode and THX Spatial Audio support to give the sound a more immersive feel.
The audio quality is warm and balanced with an emphasis on bass that feels perfect for FPS games. The sound can easily fill a room, with THX Spatial Audio creating an immersive soundstage, despite not quite being as accurate as Dolby Atmos. Even slower games like Stardew Valley are enhanced with this soundbar, as details are given more clarity and attention.
We found that the wired connection was stronger than Bluetooth, offering better clarity and depth than the wireless connection, though we still appreciated the inclusion of Bluetooth as an option.
Pros
Huge, open movie soundstage
Punchy and detailed music
Controlled, well-timed bass
Fine build
Cons
Front soundstage can feel restrained
Menu scrolling/selection is fiddly
No Wi-Fi or streaming platforms
Yes, before you say anything, £549.99 is a lot more to fork out than most options on the list, but the reason why we’ve included the Sharp HT-SBW55121 is that in the context of what surround sound systems cost, that price is actually something of a bargain. Of course, you can ignore this completely if it doesn’t fit your budget, but if you are tempted by the idea of having a sphere of sound envelop you then this is the one to go for.
As part of the Sharp HT-SBW55121, you’re getting a soundbar, a subwoofer and two surround speakers, all of which combine to provide 7.1.4 channels of immersive audio. It’s the type of soundscape that really does make it feel like you’ve travelled to your local cinema as everything happening onscreen takes on a more three-dimensional depth that puts you in the centre of it all.
There’s full support for Dolby Atmos and DTS:X so you get to enjoy the audio of your favourite movies to the exact specification that the filmmakers want you to hear it in. While it’s always nice to actually travel to the cinema and enjoy the big screen experience, if there isn’t one local to you or you just don’t have the time, then this helps you to recreate that experience from the comfort of your own living room.
Because there are two HDMI ports on the soundbar, you can hook up more than just your TV, giving you lossless audio if you want to connect a Blu-ray player or games console. It’s also worth mentioning that with presets for different use-cases, including voice, sport and movie, you can adjust the audio to suit what you’re watching.
Of course, because this is a more budget-friendly option compared to what some surround sound systems cost, there are a few compromises to be had. There’s no Wi-Fi connectivity or app control which limits your ability to use the set-up for music or audiobooks, for those moments when you don’t feel like watching TV.
Pros
Expansive Atmos performance
Good bass extension
Clear dialogue channel
Great price
Cons
Front-heavy delivery
No DTS support
No expansion options
The Polk Signa S4 is our favourite cheap Dolby Atmos soundbar, delivering deep bass and immersive audio at an affordable price.
The Signa S4 has a similar design to Polk’s other soundbars with its simple rectangular shape and black fabric finish blending into its surroundings. The subwoofer is also matte black, sitting on larger feet.
Like the Sonos Ray, the Polk Signa S4 is intended to be paired with medium-sized TVs up to 55-inches either standing or wall mounted, with the soundbar measuring 1046 x 60 x 95mm. The subwoofer measures 200 x 280 x 328mm.
You can find basic controls on top of the soundbar, with more options on the small remote that comes in the box.
The Signa S4 uses a 3.1.2-channel system to deliver Dolby Atmos, with additional support for Dolby Digital, Dolby Digital Plus and Dolby TrueHD. The soundbar can also decode PCM, but there is no support for DTS formats.
Connectivity is based around a single HDMI port that supports eARC, allowing lossless audio to be sent back from supporting TVs. There’s also an optical digital input, a 3.5mm analogue auxiliary input, and wireless support with Bluetooth.
Other key features include Polk’s VoiceAdjust to keep dialogue clear and precise, and three sound modes – Movies, Music, and Night.
Sound-wise, the Signa S4 is a good all-round performer that produces a decent front soundstage with a solid foundation of bass. The delivery is smooth, with a clean treble and well-defined midrange, while the upward-firing speakers are effective at generating the front overhead channels and the well-integrated subwoofer adds plenty of low-frequency impact to create a genuine sense of scale.
Pros
Clear, detailed sound with decent bass
Decent with music
Neat and tidy design
Impressive SuperWide feature
Cons
Odd volume issues with sources
Although you might think that bigger is better when it comes to soundbars, the end result doesn’t always go that way, as the Creative Stage Pro proves. If you’re someone who doesn’t have much space to work with then this is the soundbar to go for, as it can accommodate what little space you have and still provide a top-notch audio experience for a reasonable price.
When diving into a viewing of Civil War on 4K Blu-ray, we were blown away by how cinematic the whole thing felt, especially with how well the Stage Pro could deliver clear and audible dialogue. This isn’t always a given on more budget-friendly soundbars, so if you’re sick of having to constantly turn up the volume or switch on the subtitles, then you’ll appreciate what the Stage Pro can do.
Even though the vocals come across clearly, the Stage Pro doesn’t leave you wanting when it comes to the lower end. With a dedicated subwoofer in tow, the Stage Pro is capable of delivering bass with a heavy rumble. If you’re winding down with a classic action film then you’ll feel the difference the moment the movie shifts into a car chase or firefight.
Going one step further is the inclusion of SuperWide mode, which is capable of projecting the sound at a further distance away from the TV, effectively making you feel as if you’re being enveloped by surround sound. It’s a neat trick that could have easily been a gimmick on a lesser device, but it performs well here.
For when you don’t feel like watching a show or a film, there’s Bluetooth connectivity to enjoy some music via your smartphone. Of course, it’s also worth mentioning that because of its compact size, PC gamers could place the Creative Stage Pro soundbar on their desk for a more immersive experience than the built-in speakers of their laptop or monitor.
Pros
Great TV audio lift
Lends movies scale
Balanced music playback
Solid, ergonomic build
Cons
Boomy bass under stress
No HDMI ARC
As much as we love the Creative Stage Pro for being a great soundbar/subwoofer combo to those on a budget, if you’re happy to sacrifice just a bit of efficiency at higher volumes in return for a similar combo that’s slimmer and better placed to work with limited space around your TV or even at your desk, then the Majority Bowfell Plus is hard to argue with.
At just 38cm, the Majority Bowfell Plus soundbar can comfortably fit below a TV and feel as if it’s not taking up that much space at all, so if you have a 48-inch TV or something that’s older and potentially even smaller, then this is a great option to have. Unlike the subwoofer of the Creative Stage Pro, the one included here isn’t quite as stout, taking on a slim frame that can fit just about anywhere.
Still, even with a smaller footprint than most soundbar combos, the Majority Bowfell Plus delivers where it counts. When running through the opening scene of Bond flick Spectre, the crumbling buildings of Mexico are directed with just the right amount of oomph that you’d hope to hear, and there’s directionality too which just adds further depth to the scene as it feels like the whole thing is taking place in a 3D space.
It’s a similarly pleasing experience when listening to music, as a run through Yvonne Elliman’s If I Can’t Have You threw out the type of warm vocals that draw you in, while the soundbar can project the rest of the instruments around you. If you like the idea of kicking back with a good book and an even better soundtrack to boot, then you’ll be well catered to.
One of the few areas that could be improved is the bass performance at the higher end of the volume scale. With too much weight placed on it, the bassline could feel a bit boomy, at which point you’ll struggle to hone in on the details, but this is something you likely won’t incur if you live in a flat and don’t want to annoy the neighbours with high volume anyway.
| Full Specs | Wharfedale Vista 200S Review | Sonos Ray Review | Razer Leviathan V2 Review | Sharp HT-SBW55121 Review | Polk Signa S4 Review | Creative Stage Pro Review | Majority Bowfell Plus Review |
|---|---|---|---|---|---|---|---|
| UK RRP | £219 | £279 | £229.99 | £549 | £329 | £129 | – |
| USA RRP | – | $279 | $249.99 | – | $349.99 | $169.99 | – |
| EU RRP | – | €298 | €249.99 | – | €349 | – | – |
| CA RRP | – | – | CA$329.99 | – | – | – | – |
| AUD RRP | AU$899 | – | AU$411.95 | – | – | – | – |
| Manufacturer | Wharfedale | Sonos | Razer | Sharp | Polk | Creative | Majority |
| Quiet Mark Accredited | – | – | No | – | – | – | – |
| Size (Dimensions) | 900 x 92 x 62 mm | 559 x 95 x 71 mm | 3.6 x 19.7 x 2.3 inches | 1260 x 125 x 75 mm | 1046 x 95 x 60 mm | 420 x 265 x 115 mm | 388 x 72 x 54 mm |
| Weight | 7.9 kg | 1.95 kg | 1.4 kg | 12.3 kg | – | – | – |
| ASIN | B07R8VR2WW | B09ZYCBWYF | B09MMF7DLH | B0D37M2TWG | B09MZ62BDC | – | B0B5LDFRLQ |
| Release Date | 2019 | 2022 | 2021 | 2025 | 2021 | 2025 | 2022 |
| First Reviewed Date | 25/04/2019 | 31/05/2022 | 06/06/2022 | – | – | – | – |
| Model Number | Vista 200S | Sonos Ray | – | – | Signa S4 Soundbar | – | 1000002852 |
| Sound Bar Channels | – | 5.1 | – | 7.1.4 | 3.1.2 | 2.1 | 2.1 |
| Driver(s) | 2x full range, 6.5-inch subwoofer | 2 x tweeters, 2 x mid-woofers, 2 x low-velocity ports | Full Range Driver, Tweeter Driver, Passive Radiator Driver, Down-Firing Subwoofer | Four 40x90mm, two 37x86mm side-firing, two 2.5-inch Up-firing, 6.5-inch subwoofer | two 25mm tweeters, two 120 x 40mm racetrack, 25mm full range centre, two 66mm elevation units, 5.9-inch woofer | – | 2 x 2.25-inch full range; 1 x 5.25-inch bass (subwoofer) |
| Audio (Power output) | 120 W | – | – | 650 W | – | 80 W | – |
Connectivity
HDMI, 3.5mm, RCA, Coaxial, Digital Optical out, Bluetooth 4.2
Optical S/PDIF
Bluetooth 5.2, USB-C
Bluetooth 5.3
Optical, Analog 3.5mm, Bluetooth, USB-A (firmware)
Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected resources from Windows devices starting late April.
The feature is expected to reach general availability by mid-June 2026 and will also extend passwordless sign-in to unmanaged Windows devices.
Microsoft says that Entra passkeys on Windows will support corporate, personal, and shared devices, with admin controls via Conditional Access and Authentication Methods policies.
“Users can create device‑bound passkeys stored in the Windows Hello container and authenticate using Windows Hello methods (face, fingerprint, or PIN),” Microsoft said in a message center update.
“This expands passwordless authentication support to Windows devices that aren’t Microsoft Entra‑joined or registered, helping organizations strengthen security and reduce reliance on passwords across corporate‑managed, personal, and shared device scenarios.”
The new security feature will be available in organizations that have enabled ‘Microsoft Entra ID with passkeys’ in the ‘Authentication Methods policy’ for users who sign in to Windows devices that are not Microsoft Entra‑joined or registered, provided Conditional Access policies allow it (e.g., from corporate‑managed, personal, or shared devices).
It also enables the creation of FIDO2 passkeys stored in a secure local credential container that can only be used for authentication to Microsoft Entra ID via Windows Hello using facial recognition, fingerprint, or PIN (unlike Windows Hello for Business, which also enables device sign-ins).
| Feature | Microsoft Entra passkey on Windows | Windows Hello for Business |
|---|---|---|
| Standard base | FIDO2 | FIDO2 for authentication, first-party (1P) protocol for device sign-in |
| Registration | User-initiated, doesn’t require device join or registration | Automatically provisioned on some Microsoft Entra joined or registered devices during device registration |
| Device sign-in and single sign-on (SSO) | N/A | Enables device sign-in and SSO to Microsoft Entra-integrated resources after device sign-in |
| Credential binding | Bound to the device and stored in the local Windows Hello container. Users can register multiple passkeys for multiple work or school accounts on the same device. | Primarily a device-bound sign-in method linked to device trust. The credential is tied only to the work or school account used to register the device. |
| Management | Microsoft Entra ID Authentication methods policy | Microsoft Intune; Group Policy |
Additionally, passkeys are cryptographically bound to each device and never transmitted over the network, so attackers can’t steal them during phishing or malware attacks to bypass multifactor authentication.
While Microsoft didn’t share why this feature was added, Microsoft Entra passkeys on Windows close a security gap that previously left personal and shared devices reliant on password-based Microsoft Entra ID authentication.
Additionally, Microsoft announced in May 2025 that all new Microsoft accounts will be “passwordless by default” to protect them against brute-force, credential stuffing, and phishing attacks.