OPS108 Windows authentication internals in a hybrid world

Published Mar 02 2021 03:50 AM 798 Views

Have you ever wondered what happens when you type your password into Windows? With the cloud becoming a major part of our world, we find ourselves having to talk to both on-premises and cloud-native resources, which dramatically affects what happens when you do type your password into Windows. Follow along as Steve Syfuhs gives a guided tour of how Windows handles logons internally and secures your authentication in a hybrid world.

IT Ops Talks Hybrid Event: https://aka.ms/ITOpsTalks​
IT Ops Talks Community Chat: https://aka.ms/OPS108-chat​
Steve on Security: https://syfuhs.net/​
Detailed look at Windows Credentials: https://docs.microsoft.com/windows-se...​
Windows Hello for Business: https://docs.microsoft.com/windows/se...​
Passwordless FIDO: https://docs.microsoft.com/azure/acti...​
FIDO Hybrid to on-prem: https://docs.microsoft.com/azure/acti...​
Windows Hello Enhanced Sign-in Security: https://docs.microsoft.com/windows-ha...​

To watch more sessions from the IT Ops Talks: All Things Hybrid event check out our playlist: https://www.youtube.com/playlist?list...​

00:00​ Introduction
02:11​ Logging on to Windows
03:36​ Types of logins
06:33​ The Logon UI
09:39​ Local Security Authority
21:53​ Logon UI Part II
23:42​ Local Security Authority Part II
25:14​ Kerberos in Windows
35:35​ Logon Sessions including Azure Active Directory
38:09​ Local Security Authority Part III
43:53​ Oauth in Windows - Types of credentials
45:55​ Windows Hello Logon
53:34​ FIDO Logon
56:32​ Local Security Authority Part IV
1:01:08​ Azure AD Join
1:05:14​ Community Q&A - How long do we need to keep on-premises AD around?
1:09:39​ How can we enable MFA/FIDO keys for normal AD Login and not only for Apps that support Modern Auth?
1:12:44​ When will we get rid of passwords once and for all?

1 Comment
Version history
Last update:
‎Oct 04 2021 05:00 PM
Updated by:

Session Resources