Kerberos is a network authentication protocol that uses secret-key cryptography to provide strong authentication for client/server applications — the default authentication protocol in Windows Active Directory environments.
⚙️ How Does It Work?
After login, the user receives a Ticket Granting Ticket (TGT) from the Key Distribution Center (KDC). To access a service, the client presents the TGT to the KDC's ticket-granting service and receives a service ticket, which it then presents to the service. The service validates the ticket with its own key, so no password is transmitted over the network.
📍 Where Is It Used?
Windows Active Directory domains, Unix/Linux with Kerberos integration, any system requiring network authentication in enterprise environments.
💡 Real-World Example
A Golden Ticket attack exploits Kerberos by forging a TGT using the KRBTGT account hash. An attacker who obtains this hash can generate valid Kerberos tickets for any user, including admins, with any expiry time — gaining persistent access to the entire domain.
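The ticket flow described under "How Does It Work?" and the trust placed in the KRBTGT key in the Golden Ticket example above, as an added Python simulation that is not part of the original glossary entry. It is a toy model, not real Kerberos: tickets are sealed with a SHA-256 keystream plus HMAC (encrypt-then-MAC), principal names, the password and the 10-hour ticket-lifetime policy are constructed assumptions, and the KDC, client and service all run in one process. The point it makes is that the service never sees a password, every TGT is trusted purely because it unseals under the KRBTGT key, and a lifetime-policy check at the TGS is only a partial mitigation, because a ticket forged under the real KRBTGT key that stays within policy is cryptographically indistinguishable from a genuine one.

```python
"""Toy Kerberos-style exchange: login (AS) -> TGT -> TGS -> service ticket -> service.

Added illustration; the cipher is a toy (SHA-256 keystream + HMAC), not Kerberos etypes.
"""
import hashlib
import hmac
import json
import os
import time

MAX_TICKET_LIFETIME = 10 * 3600  # assumed domain policy: TGT may live at most 10 hours


def derive_key(password: str, salt: bytes) -> bytes:
    """Long-term user key from the password; the password itself never leaves the client."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, payload: dict) -> bytes:
    """Encrypt-then-MAC a JSON payload: nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    plain = json.dumps(payload, sort_keys=True).encode()
    cipher = bytes(a ^ b for a, b in zip(plain, _keystream(key, nonce, len(plain))))
    tag = hmac.new(key, nonce + cipher, "sha256").digest()
    return nonce + cipher + tag


def unseal(key: bytes, blob: bytes) -> dict:
    """Verify the tag before decrypting; anything sealed under a different key is rejected here."""
    nonce, cipher, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + cipher, "sha256").digest()):
        raise ValueError("bad MAC: ticket not sealed under this key")
    return json.loads(bytes(a ^ b for a, b in zip(cipher, _keystream(key, nonce, len(cipher)))))


class KDC:
    """Authentication Service + Ticket Granting Service; holds the KRBTGT key that seals every TGT."""

    def __init__(self):
        self.krbtgt_key = os.urandom(32)
        self.users = {}     # name -> (salt, long-term key)
        self.services = {}  # name -> service key

    def register_user(self, name, password):
        salt = os.urandom(16)
        self.users[name] = (salt, derive_key(password, salt))
        return salt  # salt is public; the key never leaves the KDC

    def register_service(self, name):
        self.services[name] = os.urandom(32)
        return self.services[name]

    def as_exchange(self, user, preauth, lifetime=MAX_TICKET_LIFETIME):
        """AS-REQ/AS-REP: pre-auth is a timestamp sealed under the user key (proves key possession).
        The toy AS issues the requested lifetime unchecked so the TGS policy check can be exercised."""
        _, user_key = self.users[user]
        if abs(time.time() - unseal(user_key, preauth)["timestamp"]) > 300:
            raise ValueError("pre-auth timestamp outside 5-minute skew")
        session_key, now = os.urandom(32).hex(), time.time()
        tgt = seal(self.krbtgt_key, {"user": user, "session_key": session_key,
                                      "issued": now, "expires": now + lifetime})
        return tgt, seal(user_key, {"session_key": session_key})  # only the password holder reads this

    def tgs_exchange(self, tgt, authenticator, service):
        """TGS-REQ/TGS-REP: the TGT is trusted solely because it unseals under the KRBTGT key."""
        t, now = unseal(self.krbtgt_key, tgt), time.time()
        if now > t["expires"]:
            raise ValueError("TGT expired")
        # Partial mitigation: a lifetime beyond policy cannot come from a well-behaved KDC.
        if t["expires"] - t["issued"] > MAX_TICKET_LIFETIME:
            raise ValueError("TGT lifetime exceeds policy; possible forged ticket")
        if unseal(bytes.fromhex(t["session_key"]), authenticator)["user"] != t["user"]:
            raise ValueError("authenticator does not match TGT principal")
        svc_session = os.urandom(32).hex()
        ticket = seal(self.services[service], {"user": t["user"], "session_key": svc_session,
                                                "expires": now + 3600})
        return ticket, seal(bytes.fromhex(t["session_key"]), {"session_key": svc_session})


class Service:
    def __init__(self, name, key):
        self.name, self.key = name, key

    def accept(self, ticket, authenticator) -> str:
        """The service validates with its own key; it never contacts the KDC or sees a password."""
        t = unseal(self.key, ticket)
        if time.time() > t["expires"]:
            raise ValueError("service ticket expired")
        if unseal(bytes.fromhex(t["session_key"]), authenticator)["user"] != t["user"]:
            raise ValueError("authenticator mismatch")
        return t["user"]


def attempt_access(kdc, user, password, salt, service, tgt_lifetime=MAX_TICKET_LIFETIME):
    """Client side of the whole flow; returns ("granted", principal) or ("rejected", reason)."""
    try:
        user_key = derive_key(password, salt)
        tgt, enc = kdc.as_exchange(user, seal(user_key, {"timestamp": time.time()}), tgt_lifetime)
        tgt_session = bytes.fromhex(unseal(user_key, enc)["session_key"])
        auth = seal(tgt_session, {"user": user, "timestamp": time.time()})
        ticket, enc2 = kdc.tgs_exchange(tgt, auth, service.name)
        svc_session = bytes.fromhex(unseal(tgt_session, enc2)["session_key"])
        return "granted", service.accept(ticket, seal(svc_session, {"user": user, "timestamp": time.time()}))
    except ValueError as err:
        return "rejected", str(err)
```

Run `attempt_access` with the registered password and the service returns the principal; with a wrong password the AS rejects the pre-auth blob at the MAC check, so no password-equivalent ever crosses the wire. Requesting a TGT lifetime far beyond policy is caught at the TGS, which is why an unusually long ticket lifetime is worth alerting on, but note the limit of that check: with the KRBTGT key, a ticket within policy unseals cleanly and passes every check here, so protecting and rotating that key is the real control.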