Search | Feed

Steve on Security

By Steve Syfuhs
How does Remote Credential Guard Work?

How does Remote Credential Guard Work?

Published Feb 26, 2022 | Posted in Windows
Remote Credential Guard is a secure way of connecting to RDP servers. Read Article
Steve Syfuhs
About Steve Syfuhs

Steve Syfuhs is a developer on the Windows Cryptography, Identity, and Authentication team at Microsoft building authentication stuff for all your favorite operating systems.

Read More about Steve

Twitter logo twitter.com/stevesyfuhs

GitHub logo github.com/SteveSyfuhs

Windows Hello Cloud Trust

Windows Hello Cloud Trust

Published Feb 22, 2022
Windows Hello Cloud Trust simplifies deployment considerably.
Read Article | Windows
Why We Built Azure AD Kerberos

Why We Built Azure AD Kerberos

Published Dec 2, 2021
Why do we need Azure AD Kerberos?
Read Article | Authentication
Why Thread Readers are Blocked

Why Thread Readers are Blocked

Published Dec 2, 2021
I block every thread reader to force you to come here.
Read Article | Twitter Thread
How Azure AD Kerberos Works

How Azure AD Kerberos Works

Published Dec 1, 2021
Azure AD Kerberos is a modern form of Kerberos for hybrid environments.
Read Article | Windows
On Computer Passwords

On Computer Passwords

Published Sep 23, 2021
Computer accounts have passwords. Here's some facts about them.
Read Article | Authentication
A Bit About the Local Security Authority

A Bit About the Local Security Authority

Published Aug 5, 2021
The Local Security Authority is what oversees the security in Windows.
Read Article | Windows
MFA is Hard to do Right

MFA is Hard to do Right

Published May 7, 2021
MFA is critical to securing the world, but it's hard to do right. Here's why.
Read Article | Authentication
Killing NTLM is Hard

Killing NTLM is Hard

Published May 5, 2021
The NTLM authentication protocol just won't die.
Read Article | Windows
Lessons in Disabling RC4 in Active Directory

Lessons in Disabling RC4 in Active Directory

Published Mar 2, 2021
Customer lessons learned when disabling RC4 in Active Directory.
Read Article | Active Directory
Protecting Against Credential Theft in Windows

Protecting Against Credential Theft in Windows

Published Feb 12, 2021
Going passwordless is an integral part of eliminating credential theft. Here's why.
Read Article | Authentication
How Managed Service Accounts in Active Directory Work

How Managed Service Accounts in Active Directory Work

Published Feb 4, 2021
Managed Service Accounts in Windows allow administrators to automate password management for accounts. Here's how they work.
Read Article | Active Directory
OPS108: Windows authentication internals in a hybrid world

OPS108: Windows authentication internals in a hybrid world

Published Feb 2, 2021
I recently recorded a presentation on the internals of hybrid Windows authentication. Go watch it.
Read Article | Windows
Identity Delegation in Active Directory

Identity Delegation in Active Directory

Published Jan 26, 2021
Active Directory delegation is an often misunderstood technology. Here's an in-depth look at how it works.
Read Article | Security
Preventing UAC Bypass through Kerberos Loopback

Preventing UAC Bypass through Kerberos Loopback

Published Jan 21, 2021
User Account Control is a local authorization mechanism. Can you bypass it by going through the network? No. Here's why.
Read Article | Windows
« Older Posts
Copyright © 2022 Steve Syfuhs
  • Categories
    • Security 54
    • Development 35
    • Kerberos 32
    • Authentication 28
    • Windows 25
    • Featured 22
    • Twitter Thread 20
    • Active Directory 11
    • .NET 10
    • Single Sign-On 6
    • Azure AD 5
    • Cryptography 4
    • Kerberos.NET 4
    • ASP.NET 3
    • C# 3
    • Federation 3
    • Visual Studio 3
    • ADFS 2
    • Credential Guard 2
    • Nuclear 2
    • NuGet 2
    • RDP 2
    • Session Management 2
    • Credential Theft 1
    • FIDO 1
    • Hybrid 1
    • Insider 1
    • IoT 1
    • Networking 1
    • Podcast 1
    • Presentation 1
    • Privileged Access 1
    • Remote Credential Guard 1
    • Threat Modeling 1
    • TLS 1
  • Build Details
    • Blog:v2.1.104+16cff1b5ee
      Runtime:v5.0.6+478b2f8c0e
  • Actions
    • Sign in