OPS108 Windows authentication internals in a hybrid world

Posted on by

Have you ever wondered what happens when you type your password into Windows? With the cloud becoming a major part of our world, we find ourselves having to talk to both on-premises and cloud-native resources, which dramatically affects what happens when you do type your password into Windows. Follow along as Steve Syfuhs gives a guided tour of how Windows handles logons internally and secures your authentication in a hybrid world.

✔Resources:
IT Ops Talks Hybrid Event: https://aka.ms/ITOpsTalks​
IT Ops Talks Community Chat: https://aka.ms/OPS108-chat​
Steve on Security: https://syfuhs.net/​
Detailed look at Windows Credentials: https://docs.microsoft.com/windows-se…​
Windows Hello for Business: https://docs.microsoft.com/windows/se…​
Passwordless FIDO: https://docs.microsoft.com/azure/acti…​
FIDO Hybrid to on-prem: https://docs.microsoft.com/azure/acti…​
Windows Hello Enhanced Sign-in Security: https://docs.microsoft.com/windows-ha…​

To watch more sessions from the IT Ops Talks: All Things Hybrid event check out our playlist: https://www.youtube.com/playlist?list…​

Chapters:
00:00​ Introduction
02:11​ Logging on to Windows
03:36​ Types of logins
06:33​ The Logon UI
09:39​ Local Security Authority
21:53​ Logon UI Part II
23:42​ Local Security Authority Part II
25:14​ Kerberos in Windows
35:35​ Logon Sessions including Azure Active Directory
38:09​ Local Security Authority Part III
43:53​ Oauth in Windows – Types of credentials
45:55​ Windows Hello Logon
53:34​ FIDO Logon
56:32​ Local Security Authority Part IV
1:01:08​ Azure AD Join
1:05:14​ Community Q&A – How long do we need to keep on-premises AD around?
1:09:39​ How can we enable MFA/FIDO keys for normal AD Login and not only for Apps that support Modern Auth?
1:12:44​ When will we get rid of passwords once and for all?

https://techcommunity.microsoft.com/t5/video-hub/ops108-windows-authentication-internals-in-a-hybrid-world/m-p/2177434#M1038 https://techcommunity.microsoft.com/t5/video-hub/ops108-windows-authentication-internals-in-a-hybrid-world/m-p/2177434#M1038 2021-03-11 18:07:08Z