Lessons in Disabling RC4 in Active Directory Published Mar 2, 2021 | Active Directory Customer lessons learned when disabling RC4 in Active Directory. Read Article About Steve Syfuhs Steve Syfuhs (right) is a developer on the Azure Active Directory team at Microsoft building authentication services with a focus on Windows security. Read More about Steve Twitter: https://twitter.com/stevesyfuhs Github: https://github.com/SteveSyfuhs
Protecting Against Credential Theft in Windows Published Feb 12, 2021 Going passwordless is an integral part of eliminating credential theft. Here's why. Read Article | Authentication
How Managed Service Accounts in Active Directory Work Published Feb 4, 2021 Managed Service Accounts in Windows allow administrators to automate password management for accounts. Here's how they work. Read Article | Active Directory
What Happens When you Type Your Password into Windows? Published Sep 9, 2020 Have you ever wondered what happens behind the scenes when you type your password into the Windows logon screen and hit enter? Read Article | Windows
KDC Proxy for Remote Access Published May 27, 2020 There's a little known feature in Windows called the KDC Proxy that lets clients communicate with KDC servers over an HTTPS channel instead of TCP. Read Article | Authentication
On Token Binding Published Aug 21, 2018 Token Binding is an incredibly important step in protecting your identity on the internet. Read Article | Development
Creating Custom Windows Credential Providers in .NET Published Oct 15, 2017 Credential Providers transfer user-supplied credentials to the security stack in Windows. They're COM-based, so you can build your own in .NET. Read Article | Development
Enclave.NET: A Secure-ish Crypto Execution Module Published Aug 22, 2017 Here's a foundation to build a module for processing your secrets outside your application. Read Article | .NET
On Adding AES Support to Kerberos.NET Published Jul 10, 2017 The AES cryptographic algorithm was added to the Kerberos.NET library. Read Article | .NET
Kerberos.NET: A Managed Ticket Validator Published Mar 19, 2017 I built a Kerberos library in managed code. Check it out. Read Article | .NET
A look at Azure AD Single Sign-On Published Mar 19, 2017 Seamless Single Sign-On lets you sign in to Azure AD using Kerberos. Here's how it works. Read Article | Active Directory
A Developer’s Guide to Networks Part 1: Wiring Published Sep 26, 2016 I rewired the house for faster internet. Here's my experience. Read Article | Development
Debugging JavaScript in Auth WebViews Published Jul 23, 2016 Webviews are way to host web content in modal windows of modern applications. Debugging the web code can be difficult. Read Article | Active Directory
Going Nuclear: Modeling Threats to Distributed Systems Published Apr 12, 2015 Threat Modeling can be a boring and tedious process -- especially when you're just starting out. Here's an exaggerated look at how to think and model threats. Read Article | Development
IoT is Weird: Or Why I now have a Network Connected Geiger Counter Published Mar 22, 2015 I acquired a network-connected Geiger Counter. Check it out. Read Article | IoT