Search | Feed

Steve on Security

By Steve Syfuhs
Identity Delegation in Active Directory

Identity Delegation in Active Directory

Published Jan 26, 2021 | Posted in Security
Active Directory delegation is an often misunderstood technology. Here's an in-depth look at how it works. Read Article
Steve Syfuhs
About Steve Syfuhs

Steve Syfuhs is a developer on the Windows Authentication team at Microsoft.

Read More about Steve

Twitter logo Mastodon

GitHub logo github.com/SteveSyfuhs

Preventing UAC Bypass through Kerberos Loopback

Preventing UAC Bypass through Kerberos Loopback

Published Jan 21, 2021
User Account Control is a local authorization mechanism. Can you bypass it by going through the network? No. Here's why.
Read Article | Windows
Hybrid Authentication with FIDO

Hybrid Authentication with FIDO

Published Jan 19, 2021
FIDO is how we're tackling passwordless authentication. Have you ever wondered how it works?
Read Article | Windows
Kerberos FAST Armoring

Kerberos FAST Armoring

Published Jan 16, 2021
FAST Armoring is a Kerberos extension intended to improve the security of the Kerberos protocol.
Read Article | Kerberos
Should I Turn off NLA?

Should I Turn off NLA?

Published Dec 30, 2020
Network Level Authentication is critical for secure RDP connections. Don't turn it off.
Read Article | RDP
A Strategy for Protecting Privileged Access

A Strategy for Protecting Privileged Access

Published Dec 22, 2020
Let's talk a bit about how Microsoft does Privileged Access.
Read Article | Security
How Windows Defender Credential Guard Works

How Windows Defender Credential Guard Works

Published Dec 1, 2020
Have you ever wondered how Credential Guard works?
Read Article | Windows
Windows and Domain Trusts

Windows and Domain Trusts

Published Nov 24, 2020
Domain trusts are complicated. Here's how they work.
Read Article | Windows
How Windows Single Sign-On Works

How Windows Single Sign-On Works

Published Nov 18, 2020
Have you ever wondered how Windows does Single Sign-on?
Read Article | Windows
Windows Insider Podcast: Ctrl+Alt+Authenticate

Windows Insider Podcast: Ctrl+Alt+Authenticate

Published Nov 11, 2020
I was interviewed by Jason Howard from the Windows Insider team and we talked about Windows Authentication and stuff.
Read Article | Authentication
Code Signing for Kerberos.NET

Code Signing for Kerberos.NET

Published Oct 21, 2020
The Kerberos.NET components are now code signed under the .NET Foundation.
Read Article | Kerberos.NET
How Azure AD Windows Sign-in Works

How Azure AD Windows Sign-in Works

Published Sep 22, 2020
Let's talk Azure AD join and what that means to a Windows device. What's it mean to be joined to something?
Read Article | Kerberos
Kerberos Explained in a Little Too Much Detail

Kerberos Explained in a Little Too Much Detail

Published Sep 15, 2020
Kerberos is an authenticated key agreement protocol based on the Needham-Schroeder protocol. That's too complicated -- let's break it down a little.
Read Article | Kerberos
Bruce: A Command Line Kerberos.NET Management Tool

Bruce: A Command Line Kerberos.NET Management Tool

Published Sep 11, 2020
A new command line tool called Bruce has been created for managing Kerberos and Kerberos.NET... things.
Read Article | Kerberos.NET
How Authentication Works when you use Remote Desktop

How Authentication Works when you use Remote Desktop

Published Sep 9, 2020
Have you ever wondered how authentication works for things like Remote Desktop?
Read Article | Windows
« Older Posts Newer Posts »
Copyright © 2023 Steve Syfuhs
  • Categories
    • Security 55
    • Development 35
    • Kerberos 33
    • Authentication 30
    • Windows 27
    • Featured 23
    • Twitter Thread 20
    • Active Directory 11
    • .NET 10
    • Single Sign-On 6
    • Azure AD 5
    • Cryptography 4
    • Kerberos.NET 4
    • ASP.NET 3
    • C# 3
    • Federation 3
    • Visual Studio 3
    • ADFS 2
    • Credential Guard 2
    • Nuclear 2
    • NuGet 2
    • RDP 2
    • Session Management 2
    • Credential Theft 1
    • FIDO 1
    • Hybrid 1
    • Insider 1
    • IoT 1
    • Networking 1
    • Podcast 1
    • Presentation 1
    • Privileged Access 1
    • Remote Credential Guard 1
    • Threat Modeling 1
    • TLS 1
  • Build Details
    • Blog:v2.1.107+55c5906f33
      Runtime:v5.0.17+6a98414363
  • Actions
    • Sign in