LSA 1: Describe Windows Authentications¶
Windows Authentication is a secure form of Authentication. Authentication is the process of verifying the identity of a user, system, or device. It ensures that the entity attempting to access a resource is indeed who it claims to be.
Different authentication methods exist. To include but not limited to:
-
Password-based authentication: Users provide a password, which is compared to a stored hash value. If they match, access is granted.
-
Multi-factor authentication (MFA): Combines multiple factors (e.g., password, SMS code, biometrics) for stronger security.
-
Public key infrastructure (PKI): Uses digital certificates and private keys for secure communication.
-
OAuth: Allows third-party applications to access resources on behalf of a user without sharing credentials.
-
Windows Authentication (NTLM): Used in Windows environments, relying on domain accounts and challenge-response mechanisms. Transitioned to Kerberos or another Negotiation type system.