Deprecating NTLM is Easy and Other Lies We Tell Ourselves with Steve Syfuhs

Steve Syfuhs, Principal Software Engineer at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Steve has spent the last decade building secure systems and is working at Microsoft as a Principal Developer. In this episode, Steve, Nic, and Wendy discuss how continually improving hardware allows for faster brute-force attacks, the technical and security aspects of password-based authentication protocols, and why the longevity of password security can be extended through incremental improvements. 

In This Episode You Will Learn:    

• Technical and security aspects of password-based authentication protocols 
• Why passwords should not be the primary authentication mechanism  
• The challenges of making significant changes to long-standing systems 

Some Questions We Ask:    

• Why explore secure and user-friendly alternatives like biometrics or hardware keys? 
• How quickly can you guess an 8-character password using specialized hardware? 
• Will audits within Microsoft help understand and improve NTLM usage and security? 

Resources:  

View Steve Syfuhs on LinkedIn 

View Wendy Zenone on LinkedIn 

View Nic Fillingham on LinkedIn 

Related Microsoft Podcasts:                 

• Afternoon Cyber Tea with Ann Johnson 
• Uncovering Hidden Risks    
• Security Unlocked     
• Security Unlocked: CISO Series with Bret Arsenault 
• Secure the Job: Breaking into Security 
• The Microsoft Threat Intelligence Podcast  

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Hosted on Acast. See acast.com/privacy for more information.