OPS108: Windows authentication internals in a hybrid world
Published Feb 02 2021 08:30 AM 10.2K Views

Have you ever wondered what happens when you type your password into Windows? With the cloud becoming a major part of our world, we find ourselves having to talk to both on-premises and cloud-native resources, which dramatically affects what happens when you do type your password into Windows. Follow along as Steve Syfuhs gives a guided tour of how Windows handles logons internally and secures your authentication in a hybrid world.



Steve Syfuhs, Senior Developer



This session includes:

02:11 Logging on to Windows
03:36 Types of logins
06:33 The Logon UI
09:39 Local Security Authority
21:53 Logon UI Part II
23:42 Local Security Authority Part II
25:14 Kerberos in Windows
35:35 Logon Sessions including Azure Active Directory
38:09 Local Security Authority Part III
43:53 Oauth in Windows - Types of credentials
45:55 Windows Hello Logon
53:34 FIDO Logon
56:32 Local Security Authority Part IV
1:01:08 Azure AD Join
1:05:14 Community Q&A - How long do we need to keep on-premises AD around?
1:09:39 How can we enable MFA/FIDO keys for normal AD Login and not only for Apps that support Modern Auth?
1:12:44 When will we get rid of passwords once and for all?


Community chat

Want to chat about this session? Come join us on Discord! https://aka.ms/ops108-chat


Learn more

IT Ops Talks Hybrid Event: https://aka.ms/ITOpsTalks
IT Ops Talks Community Chat: https://aka.ms/OPS108-chat
Steve on Security: https://syfuhs.net/
Detailed look at Windows Credentials 
Windows Hello for Business 
Passwordless FIDO 
FIDO Hybrid to on-prem 
Windows Hello Enhanced Sign-in Security 


Was this perfect or how could we improve this? Please take a moment to submit your feedback at https://aka.ms/ops108-feedback 

To watch more sessions from the IT Ops Talks: All Things Hybrid event check out https://aka.ms/ITOpsTalks


Version history
Last update:
‎May 14 2021 11:14 AM
Updated by: