Yusuf On Security: Security news, opinion and advice

260 – From NTLM to Kerberos – Microsoft’s Security Transformation Begins – Part 2

Hosted by Yusuf

In Part 1 of this series, we explored why Microsoft is finally saying goodbye to NTLM authentication after more than 25 years of service. We discussed NTLM’s security weaknesses, from relay attacks to weak cryptography, and touched on Kerberos as the obvious alternative that’s been waiting in the wings since... well... Windows 2000.

Today in Part 2, we’re getting practical. We’ll explore the two groundbreaking features Microsoft is adding to Kerberos, IAKerb and Local KDC, that will finally allow organizations to eliminate NTLM entirely. More importantly, we’ll discuss what this means for you as a defender, how to prepare your environment, and, of course, what timeline you’re working with.

– techcommunity.microsoft.com: The evolution of Windows authentication
– www.securityweek.com: Microsoft Improving Windows Authentication, Disabling NTLM
– www.bleepingcomputer.com: Microsoft plans to kill off NTLM authentication in Windows 11
– thehackernews.com: Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication
