OPS108: Windows authentication internals in a hybrid world

This post has been republished via RSS; it originally appeared at: ITOps Talk Blog articles.

Have you ever wondered what happens when you type your password into Windows? With the cloud becoming a major part of our world, we find ourselves having to talk to both on-premises and cloud-native resources, which dramatically affects what happens when you do type your password into Windows. Follow along as Steve Syfuhs gives a guided tour of how Windows handles logons internally and secures your authentication in a hybrid world.



Steve Syfuhs, Senior Developer



This session includes:

02:11 Logging on to Windows
03:36 Types of logins
06:33 The Logon UI
09:39 Local Security Authority
21:53 Logon UI Part II
23:42 Local Security Authority Part II
25:14 Kerberos in Windows
35:35 Logon Sessions including Azure Active Directory
38:09 Local Security Authority Part III
43:53 Oauth in Windows - Types of credentials
45:55 Windows Hello Logon
53:34 FIDO Logon
56:32 Local Security Authority Part IV
1:01:08 Azure AD Join
1:05:14 Community Q&A - How long do we need to keep on-premises AD around?
1:09:39 How can we enable MFA/FIDO keys for normal AD Login and not only for Apps that support Modern Auth?
1:12:44 When will we get rid of passwords once and for all?


Community chat

Want to chat about this session? Come join us on Discord! https://aka.ms/ops108-chat


Learn more

IT Ops Talks Hybrid Event: https://aka.ms/ITOpsTalks
IT Ops Talks Community Chat: https://aka.ms/OPS108-chat
Steve on Security: https://syfuhs.net/
Detailed look at Windows Credentials 
Windows Hello for Business 
Passwordless FIDO 
FIDO Hybrid to on-prem 
Windows Hello Enhanced Sign-in Security 


Was this perfect or how could we improve this? Please take a moment to submit your feedback at https://aka.ms/ops108-feedback 

To watch more sessions from the IT Ops Talks: All Things Hybrid event check out https://aka.ms/ITOpsTalks



REMEMBER: these articles are REPUBLISHED. Your best bet to get a reply is to follow the link at the top of the post to the ORIGINAL post! BUT you're more than welcome to start discussions here:

This site uses Akismet to reduce spam. Learn how your comment data is processed.