![]() Some of the best protections you can have on the Microsoft platform are not included in Windows 10 Professional. They will help you understand how attackers can gain access and how you can protect against it. I urge you to review two excellent posts on the topic of credential harvesting from Reliaquest: Credential Dumping Part 1: A Closer Look at Vulnerabilities with Windows Authentication and Credential Management and Credential Dumping Part 2: How to Mitigate Windows Credential Stealing. (For more information on similar topics, check out his post on how single sign-on works and on how Azure AD sign-on works.) Steve Syfuhs, a developer on Microsoft’s Azure Active Directory team, wrote an excellent post on what happens when you enter your password in Windows. Understanding how the authentication process works and why certain processes are better starts with understanding the password authentication process in general. ![]() I find that if I understand what I’m trying to protect, I can devise better ways to protect it. ![]()
0 Comments
Leave a Reply. |