Several readers responded to my previous post on pass-the-hash attacks, asking if Kerberos authentication versus LANManager, NTLM, or NTLMv2 was an effective defense. It’s a good question, one ...

The Kerberos authentication method ... Workgroups supported file and printer sharing but not network log-on). It used Challenge Handshake Authentication Protocol (CHAP) and later a stronger ...

as long as the network relies on the Kerberos authentication protocol, which has been included in all standard Windows versions since 2000. The difference between Golden Ticket, Silver Ticket ...

and a feature called IAKerb that allows clients to use Kerberos in more diverse network topologies and adds encryption to the authentication dialog. However, NTLM is still alive as a fallback option.

The various versions of Windows have used Kerberos as its main ... and organizations for Windows authentication because it "doesn’t require local network connection to a Domain Controller." ...

These services, however, introduce a new problem: they work over the network and expose passwords, which are encrypted only weakly. The authentication protocol implemented by Kerberos combines the ...

Researchers said they found a way to force the Kerberos protocol to use the plaintext and non-encrypted part for authentication procedures. An attacker that has compromised a company's network or ...

Microsoft is working on a fix for a bug in last week's patch for a bypass vulnerability in the Kerberos Key Distribution Center (KDC) security feature. Microsoft has flagged the issue affecting ...