Identity Delegation in Active Directory

Published Jan 26, 2021 | Posted in Security

Active Directory delegation is an often misunderstood technology. Here's an in-depth look at how it works. Read Article

About Steve Syfuhs

Steve Syfuhs is a developer on the Windows Authentication team at Microsoft.

Preventing UAC Bypass through Kerberos Loopback

Published Jan 21, 2021

User Account Control is a local authorization mechanism. Can you bypass it by going through the network? No. Here's why.

Read Article | Windows

Hybrid Authentication with FIDO

Published Jan 19, 2021

FIDO is how we're tackling passwordless authentication. Have you ever wondered how it works?

Read Article | Windows

Kerberos FAST Armoring

Published Jan 16, 2021

FAST Armoring is a Kerberos extension intended to improve the security of the Kerberos protocol.

Read Article | Kerberos

Should I Turn off NLA?

Published Dec 30, 2020

Network Level Authentication is critical for secure RDP connections. Don't turn it off.

Read Article | RDP

A Strategy for Protecting Privileged Access

Published Dec 22, 2020

Let's talk a bit about how Microsoft does Privileged Access.

Read Article | Security

How Windows Defender Credential Guard Works

Published Dec 1, 2020

Have you ever wondered how Credential Guard works?

Read Article | Windows

Windows and Domain Trusts

Published Nov 24, 2020

Domain trusts are complicated. Here's how they work.

Read Article | Windows

How Windows Single Sign-On Works

Published Nov 18, 2020

Have you ever wondered how Windows does Single Sign-on?

Read Article | Windows

Windows Insider Podcast: Ctrl+Alt+Authenticate

Published Nov 11, 2020

I was interviewed by Jason Howard from the Windows Insider team and we talked about Windows Authentication and stuff.

Read Article | Authentication

Code Signing for Kerberos.NET

Published Oct 21, 2020

The Kerberos.NET components are now code signed under the .NET Foundation.

Read Article | Kerberos.NET

How Azure AD Windows Sign-in Works

Published Sep 22, 2020

Let's talk Azure AD join and what that means to a Windows device. What's it mean to be joined to something?

Read Article | Kerberos

Kerberos Explained in a Little Too Much Detail

Published Sep 15, 2020

Kerberos is an authenticated key agreement protocol based on the Needham-Schroeder protocol. That's too complicated -- let's break it down a little.

Read Article | Kerberos

Bruce: A Command Line Kerberos.NET Management Tool

Published Sep 11, 2020

A new command line tool called Bruce has been created for managing Kerberos and Kerberos.NET... things.

Read Article | Kerberos.NET

How Authentication Works when you use Remote Desktop

Published Sep 9, 2020

Have you ever wondered how authentication works for things like Remote Desktop?

Read Article | Windows

Blog:	v2.1.107+55c5906f33
Runtime:	v5.0.17+6a98414363