authentication

5 posts tagged authentication.

From Password-in-the-Pipe to Cloud-Issued Session: Twenty-Six Years of RDP Authentication

May 11, 2026

How five generations of Windows RDP authentication -- classic delegation, NLA via CredSSP, Restricted Admin, Remote Credential Guard, and PRT-over-RDP -- retreated from the 1998 design that gave attackers the keys to every target.
Fuzzy Extractors and the One Inequality That Explains Why Windows Hello Doesn't Use One

May 10, 2026

Fuzzy extractors turn noisy biometrics into stable cryptographic keys. A single 2004 inequality explains why Windows Hello deliberately does not use one.
Kerberos in Windows: The Other Half of NTLMless

May 10, 2026

After NTLM, Kerberos becomes the load-bearing authentication protocol for Windows. Eight years of attacks, the December 2025 Beyond-RC4 cadence, and the H2 2026 IAKerb / Local KDC broad enable.
WebAuthn and Passkeys on Windows: From CTAP to the Credential Provider Model

May 10, 2026

The know/have/are taxonomy collapses against modern phishing kits. Passkeys, WebAuthn Level 3, CTAP 2.x, and Windows 11 24H2 third-party providers score against the criteria that actually matter -- and recovery is the load-bearing column.
No Secrets to Steal: How Windows Hello Eliminated the Shared Secret

Apr 27, 2026

How Windows Hello replaced passwords with TPM-backed biometrics, survived a decade of attacks, and helped make passwordless the default.