Player FM 앱으로 오프라인으로 전환하세요!
Deprecating NTLM is Easy and Other Lies We Tell Ourselves with Steve Syfuhs
Manage episode 381589281 series 3486243
Steve Syfuhs, Principal Software Engineer at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Steve has spent the last decade building secure systems and is working at Microsoft as a Principal Developer. In this episode, Steve, Nic, and Wendy discuss how continually improving hardware allows for faster brute-force attacks, the technical and security aspects of password-based authentication protocols, and why the longevity of password security can be extended through incremental improvements.
In This Episode You Will Learn:
- Technical and security aspects of password-based authentication protocols
- Why passwords should not be the primary authentication mechanism
- The challenges of making significant changes to long-standing systems
Some Questions We Ask:
- Why explore secure and user-friendly alternatives like biometrics or hardware keys?
- How quickly can you guess an 8-character password using specialized hardware?
- Will audits within Microsoft help understand and improve NTLM usage and security?
Resources:
View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
- Afternoon Cyber Tea with Ann Johnson
- Uncovering Hidden Risks
- Security Unlocked
- Security Unlocked: CISO Series with Bret Arsenault
- Secure the Job: Breaking into Security
- The Microsoft Threat Intelligence Podcast
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Hosted on Acast. See acast.com/privacy for more information.
40 에피소드
Manage episode 381589281 series 3486243
Steve Syfuhs, Principal Software Engineer at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Steve has spent the last decade building secure systems and is working at Microsoft as a Principal Developer. In this episode, Steve, Nic, and Wendy discuss how continually improving hardware allows for faster brute-force attacks, the technical and security aspects of password-based authentication protocols, and why the longevity of password security can be extended through incremental improvements.
In This Episode You Will Learn:
- Technical and security aspects of password-based authentication protocols
- Why passwords should not be the primary authentication mechanism
- The challenges of making significant changes to long-standing systems
Some Questions We Ask:
- Why explore secure and user-friendly alternatives like biometrics or hardware keys?
- How quickly can you guess an 8-character password using specialized hardware?
- Will audits within Microsoft help understand and improve NTLM usage and security?
Resources:
View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
- Afternoon Cyber Tea with Ann Johnson
- Uncovering Hidden Risks
- Security Unlocked
- Security Unlocked: CISO Series with Bret Arsenault
- Secure the Job: Breaking into Security
- The Microsoft Threat Intelligence Podcast
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Hosted on Acast. See acast.com/privacy for more information.
40 에피소드
모든 에피소드
×플레이어 FM에 오신것을 환영합니다!
플레이어 FM은 웹에서 고품질 팟캐스트를 검색하여 지금 바로 즐길 수 있도록 합니다. 최고의 팟캐스트 앱이며 Android, iPhone 및 웹에서도 작동합니다. 장치 간 구독 동기화를 위해 가입하세요.