The Key Element of Authentication—the User!

Before you learn the actual details of NTLM, you need to understand that regardless of the protocol, you are always at the mercy of the user. Fully implemented Kerberos authentication using Windows 2000 offers vast improvements in limiting an attacker's ability to hack into the network and steal user passwords, because there are no password hashes to steal.

Although vastly improved, Kerberos does not eliminate the most obvious techniques for obtaining access, however: social engineering and plain old guessing. It is a moot point to say that your environment uses encryption and that this protects you when you still allow users to create passwords that are inherently weak.

Passwords that are trivial ...

Get Microsoft® Windows® 2000 Security Handbook now with the O’Reilly learning platform.