InfoSec Brain Tease:
You are doing a security evaluation. IT use the same local admin password on all machines. However, so attackers cannot pivot through the network, they have a script that changes the local admin username to the BIOS serial number. (They don't use the serial number as a password because users could figure that out by looking at the script.)
You try to make them use LAPS, but they ask you to demonstrate how this is any less effective.
Your challenge: Is this an effective security mitigation? If not, give a network compromise scenario why.
@robryk @SwiftOnSecurity generally not.