Welcome to the IdGuys

Our blog is focused on mostly identity topics based on Microsoft technologies.

We are passionate about sharing our knowledge and experiences in the field of identity and access management, and we hope that our blog will be a valuable resource for anyone interested in this exciting and rapidly evolving field.

Latest blog posts

March 27, 2026

RC4 Deprecation: Phase 2 Is Here — And This Is Where Things Break (April 2026)

What’s Changing?

Microsoft is now enabling enforcement mode by default.
This means the Kerberosis shifting toward stronger, modern encryption whether environments are ready or not.

New Default Behavior:

Kerberos will now use AES-SHA1 (0x18) only as the default encryption.
Any accounts...

+1 more

March 18, 2026

Making Lifecycle Workflows State-Aware with State Groups

Lifecycle Workflows in Microsoft Entra ID Governance are powerful—but they are also fundamentally trigger-driven.

Workflows are typically initiated by:

Attribute changes
Dates relative to employeeStartDate and employeeLeaveDateTime
Changes in group membership

This works well for simple...

February 09, 2026

The IdGuys has a new member

Onevinn's Secure Identity team is growing, and so is the team at the IdGuys!

Our latest addition, Johan Öberg, will introduce himself with an interesting blog post soon. A warm welcome to Johan.

Stay tuned.

February 09, 2026 Series: PRMFA -

Phishing-Resistant MFA as the modern bouncer — does the analogy hold?

Yes, mostly — and it’s a strong way to explain the shift.

Username & password = the old bouncer

A bouncer who:

Knows your face (username)
Lets you in if you whisper the right word (password)

The problem:

Anyone who learns the word can get in
You can be tricked into revealing it
The...

View All Posts