Protecting Against Credential Theft in Windows Published Feb 12, 2021 | Posted in Authentication Going passwordless is an integral part of eliminating credential theft. Here's why. Read Article About Steve Syfuhs Steve Syfuhs is a developer on the Windows Authentication team at Microsoft. Read More about Steve Mastodon github.com/SteveSyfuhs
How Managed Service Accounts in Active Directory Work Published Feb 4, 2021 Managed Service Accounts in Windows allow administrators to automate password management for accounts. Here's how they work. Read Article | Active Directory
OPS108: Windows authentication internals in a hybrid world Published Feb 2, 2021 I recently recorded a presentation on the internals of hybrid Windows authentication. Go watch it. Read Article | Windows
Identity Delegation in Active Directory Published Jan 26, 2021 Active Directory delegation is an often misunderstood technology. Here's an in-depth look at how it works. Read Article | Security
Preventing UAC Bypass through Kerberos Loopback Published Jan 21, 2021 User Account Control is a local authorization mechanism. Can you bypass it by going through the network? No. Here's why. Read Article | Windows
Hybrid Authentication with FIDO Published Jan 19, 2021 FIDO is how we're tackling passwordless authentication. Have you ever wondered how it works? Read Article | Windows
Kerberos FAST Armoring Published Jan 16, 2021 FAST Armoring is a Kerberos extension intended to improve the security of the Kerberos protocol. Read Article | Kerberos
Should I Turn off NLA? Published Dec 30, 2020 Network Level Authentication is critical for secure RDP connections. Don't turn it off. Read Article | RDP
A Strategy for Protecting Privileged Access Published Dec 22, 2020 Let's talk a bit about how Microsoft does Privileged Access. Read Article | Security
How Windows Defender Credential Guard Works Published Dec 1, 2020 Have you ever wondered how Credential Guard works? Read Article | Windows
Windows and Domain Trusts Published Nov 24, 2020 Domain trusts are complicated. Here's how they work. Read Article | Windows
How Windows Single Sign-On Works Published Nov 18, 2020 Have you ever wondered how Windows does Single Sign-on? Read Article | Windows
Windows Insider Podcast: Ctrl+Alt+Authenticate Published Nov 11, 2020 I was interviewed by Jason Howard from the Windows Insider team and we talked about Windows Authentication and stuff. Read Article | Authentication
Code Signing for Kerberos.NET Published Oct 21, 2020 The Kerberos.NET components are now code signed under the .NET Foundation. Read Article | Kerberos.NET
How Azure AD Windows Sign-in Works Published Sep 22, 2020 Let's talk Azure AD join and what that means to a Windows device. What's it mean to be joined to something? Read Article | Kerberos