johng69
Jun 28, 2023
Copper Contributor
Password security
Hi,
I was wondering if Active Directory passwords are transmitted in clear text over the network to domain controllers when a user authenticates on a client that is a member of the local domain.
To be more specific, I have a test lab with the following clients:
1. A Windows 10 client that is a member of the domain
2. A Synology NAS device that has been joined to the local domain
In the case of item 2, I ran Wireshark on the local domain controller. I can see frames labelled with the "KRB5" protocol and searched for the (test) username.
I'm not able to find any evidence of the password being detected in clear plain text.
- EmekaNgene
Brass Contributor
Hello John,
I think you should have a look at the doc below:
Security assessment: Entities exposing credentials in clear text
https://learn.microsoft.com/en-us/defender-for-identity/security-assessment-clear-text