HomeIdentity Security Encyclopedia › Kerberos

Kerberos

Kerberos is a network authentication protocol that uses secret-key cryptography to provide strong authentication for client/server applications — the default authentication protocol in Windows Active Directory environments.

IAM Protocol Authentication Active Directory

❓ What is Kerberos?

Kerberos is a network authentication protocol that uses secret-key cryptography to provide strong authentication for client/server applications — the default authentication protocol in Windows Active Directory environments.

⚙️ How Does It Work?

After login, the user receives a Ticket Granting Ticket (TGT) from the Key Distribution Center (KDC). To access a service, the client presents the TGT to get a service ticket. The service validates the ticket — no password is transmitted over the network.

📍 Where Is It Used?

Windows Active Directory domains, Unix/Linux with Kerberos integration, any system requiring network authentication in enterprise environments.

💡 Real-World Example

A Golden Ticket attack exploits Kerberos by forging a TGT using the KRBTGT account hash. An attacker who obtains this hash can generate valid Kerberos tickets for any user, including admins, with any expiry time — gaining persistent access to the entire domain.

🔗 Related Terms

Active Directory Domain Controller Pass-the-Hash IAM Authentication
← ISO 27001 Identity ControlsKMS Key →

Stay Ahead in Identity Security

Get weekly IAM, PAM & IGA insights delivered to your inbox via Identity Pulse.

Subscribe to Identity Pulse →
Scroll to top