Lessons in Disabling RC4 in Active Directory
| Active Directory Customer lessons learned when disabling RC4 in Active Directory. Read Article
Protecting Against Credential Theft in Windows
Going passwordless is an integral part of eliminating credential theft. Here's why.
How Managed Service Accounts in Active Directory Work
Managed Service Accounts in Windows allow administrators to automate password management for accounts. Here's how they work.
What Happens When you Type Your Password into Windows?
Have you ever wondered what happens behind the scenes when you type your password into the Windows logon screen and hit enter?
KDC Proxy for Remote Access
There's a little known feature in Windows called the KDC Proxy that lets clients communicate with KDC servers over an HTTPS channel instead of TCP.
On Token Binding
Token Binding is an incredibly important step in protecting your identity on the internet.
Creating Custom Windows Credential Providers in .NET
Credential Providers transfer user-supplied credentials to the security stack in Windows. They're COM-based, so you can build your own in .NET.
Enclave.NET: A Secure-ish Crypto Execution Module
Here's a foundation to build a module for processing your secrets outside your application.
On Adding AES Support to Kerberos.NET
The AES cryptographic algorithm was added to the Kerberos.NET library.
Kerberos.NET: A Managed Ticket Validator
I built a Kerberos library in managed code. Check it out.
A look at Azure AD Single Sign-On
Seamless Single Sign-On lets you sign in to Azure AD using Kerberos. Here's how it works.
A Developer’s Guide to Networks Part 1: Wiring
I rewired the house for faster internet. Here's my experience.
Debugging JavaScript in Auth WebViews
Webviews are way to host web content in modal windows of modern applications. Debugging the web code can be difficult.
Going Nuclear: Modeling Threats to Distributed Systems
Threat Modeling can be a boring and tedious process -- especially when you're just starting out. Here's an exaggerated look at how to think and model threats.
IoT is Weird: Or Why I now have a Network Connected Geiger Counter
I acquired a network-connected Geiger Counter. Check it out.