Several readers responded to my previous post on pass-the-hash attacks, asking if Kerberos authentication versus LANManager, NTLM, or NTLMv2 was an effective defense. It’s a good question, one ...

The Kerberos authentication method ... Workgroups supported file and printer sharing but not network log-on). It used Challenge Handshake Authentication Protocol (CHAP) and later a stronger ...

and a feature called IAKerb that allows clients to use Kerberos in more diverse network topologies and adds encryption to the authentication dialog. However, NTLM is still alive as a fallback option.

The various versions of Windows have used Kerberos as its main ... and organizations for Windows authentication because it "doesn’t require local network connection to a Domain Controller." ...

These services, however, introduce a new problem: they work over the network and expose passwords, which are encrypted only weakly. The authentication protocol implemented by Kerberos combines the ...

Researchers said they found a way to force the Kerberos protocol to use the plaintext and non-encrypted part for authentication procedures. An attacker that has compromised a company's network or ...