Basically every local service is accessed via a web interface, and every interface wants a username and password. Assuming none of these services are exposed to the internet, how much effort do you put into security here?
Personally, I didn’t really think about it when I started. I make a half-assed effort at security where I don’t use “admin” or anything obvious as the username, and I use a decent-but-not-industrial password - but I started reusing the u/p as the number of services I’m running grew. I have my browsers remember the u/ps.
Should one go farther than this? And if so, what’s the threat model? Is there an easier way?

    • powerofm
      link
      fedilink
      English
      arrow-up
      27
      arrow-down
      2
      ·
      3 months ago

      I’m pretty sure that vulnerability only affected windows machines. Surely you’re not running a homelab with windows server?

    • seaQueue@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      3 months ago

      The only windows machine on my home network is the backup Windows laptop that I only boot when I need to run something like Odin to flash a tablet or some niche Nintendo switch management software.

        • seaQueue@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          3 months ago

          Yes, the machine that stays off 363 days of the year is such a security risk to my home network 🙄

          • SchmidtGenetics@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            6
            ·
            3 months ago

            Great, so let’s suppress a warning because YOU are fine…

            Maybe other people don’t realize the issue, but of course you aren’t thinking about anyone but yourself now aren’t you?