Kerberos is the default authentication protocol in on-prem Windows environments. We’re launching a 6-part YouTube series, a technical deep dive into Kerberos. We’ll break down the protocol, dissect well-known attacks, and cover defensive strategies to keep your environment secure.| Compass Security Blog
Kerberos is an authenticated key agreement protocol based on the Needham-Schroeder protocol. That's too complicated -- let's break it down a little.| syfuhs.net
An introduction to NTLM, its role in Windows authentication, and why it's still relevant today.| Ales Brelih
To protect web resources with Kerberos you may use Apache HTTPD with mod_auth_gssapi — however, all web scripts (e.g., PHP) run under Apache will have access to the Kerberos long-term symmetric secret credential (keytab). If someone can get it, they Continue reading Privilege separation of GSS-API credentials for Apache→| Simon Josefsson's blog
GSS-API is a standardized framework that is used by applications to, primarily, support Kerberos V5 authentication. GSS-API is standardized by IETF and supported by protocols like SSH, SMTP, IMAP and HTTP, and implemented by software projects such as OpenSSH, Exim, Continue reading Towards pluggable GSS-API modules→| Simon Josefsson's blog
I have blogged about GNU SASL and GS2-KRB5 with the native Kerberos on Mac OS X before, so the next logical step has been to support GS2-KRB5 on Windows through MIT Kerberos for Windows (KfW). With the latest release of Continue reading GS2-KRB5 using GNU SASL and MIT Kerberos for Windows→| Simon Josefsson's blog
* Caveats apply.| Tyranid's Lair
| The Grumpy Troll: The Grumpy Troll
I already have these 0x800706BA problem. | Franck RICHARD's Blog
Azure AD Kerberos is a modern form of Kerberos for hybrid environments.| syfuhs.net
Customer lessons learned when disabling RC4 in Active Directory.| syfuhs.net
FIDO is how we're tackling passwordless authentication. Have you ever wondered how it works?| syfuhs.net