Blog Post

SQL Server Support Blog

3 MIN READ

Kerberos Authentication flow

Arslanov

Microsoft

Mar 02, 2025

Let us dive into Kerberos Authentication.

Video version: Kerberos Authentication flow Whenever you login with Windows Authentication to the sever like SQL Server, in many cases, Kerberos is used as a main authentication type. In short, K...

Updated Mar 09, 2025

Version 6.0

Microsoft

Joined July 16, 2024

View Profile

SQL Server Support Blog

Follow this blog board to get notified when there's new activity

SivertSolem

Iron Contributor

Mar 07, 2025

In the network trace, you mention that the first AS-REQ fails because it's not encrypted.

Earlier you mention that the AS-REQ packet includes the username, and could include the users password.

Would the users password be part of the "plaintext" AS-REQ packet, or is the protocol smart enough to only send that information as part of an encrypted packet?

It has been my belief that one of the benefits of Kerberos over older authentication flows was that usernames and passwords were encrypted in the Kerberos authentication flow.

Arslanov

Microsoft

Mar 09, 2025

Very good catch. Added more context to that point. Thanks for this point :)