Identity Delegation in Active Directory Published Jan 26, 2021 | Posted in Security Active Directory delegation is an often misunderstood technology. Here's an in-depth look at how it works. Read Article About Steve Syfuhs Steve Syfuhs is a developer on the Windows Authentication team at Microsoft. Read More about Steve Mastodon github.com/SteveSyfuhs
Preventing UAC Bypass through Kerberos Loopback Published Jan 21, 2021 User Account Control is a local authorization mechanism. Can you bypass it by going through the network? No. Here's why. Read Article | Windows
Hybrid Authentication with FIDO Published Jan 19, 2021 FIDO is how we're tackling passwordless authentication. Have you ever wondered how it works? Read Article | Windows
Kerberos FAST Armoring Published Jan 16, 2021 FAST Armoring is a Kerberos extension intended to improve the security of the Kerberos protocol. Read Article | Kerberos
Should I Turn off NLA? Published Dec 30, 2020 Network Level Authentication is critical for secure RDP connections. Don't turn it off. Read Article | RDP
A Strategy for Protecting Privileged Access Published Dec 22, 2020 Let's talk a bit about how Microsoft does Privileged Access. Read Article | Security
How Windows Defender Credential Guard Works Published Dec 1, 2020 Have you ever wondered how Credential Guard works? Read Article | Windows
Windows and Domain Trusts Published Nov 24, 2020 Domain trusts are complicated. Here's how they work. Read Article | Windows
How Windows Single Sign-On Works Published Nov 18, 2020 Have you ever wondered how Windows does Single Sign-on? Read Article | Windows
Windows Insider Podcast: Ctrl+Alt+Authenticate Published Nov 11, 2020 I was interviewed by Jason Howard from the Windows Insider team and we talked about Windows Authentication and stuff. Read Article | Authentication
Code Signing for Kerberos.NET Published Oct 21, 2020 The Kerberos.NET components are now code signed under the .NET Foundation. Read Article | Kerberos.NET
How Azure AD Windows Sign-in Works Published Sep 22, 2020 Let's talk Azure AD join and what that means to a Windows device. What's it mean to be joined to something? Read Article | Kerberos
Kerberos Explained in a Little Too Much Detail Published Sep 15, 2020 Kerberos is an authenticated key agreement protocol based on the Needham-Schroeder protocol. That's too complicated -- let's break it down a little. Read Article | Kerberos
Bruce: A Command Line Kerberos.NET Management Tool Published Sep 11, 2020 A new command line tool called Bruce has been created for managing Kerberos and Kerberos.NET... things. Read Article | Kerberos.NET
How Authentication Works when you use Remote Desktop Published Sep 9, 2020 Have you ever wondered how authentication works for things like Remote Desktop? Read Article | Windows