![]() The test findings research summarized that password-less authentication is far more secure than the traditional authentication method this is evidenced throughout the author’s tests. The third VM will act as the end-user device. The second VM will act as an Active Directory Federation Service (ADFS). The first VM will act as a domain controller (DC) and certificate authority server (CA server). This was feasible by the creation of three VMs operating in the following way. The conducted research tests are in the form of two attack methods. This includes creating three virtual machines (VMs) and evaluating WHFB as a password-less solution and showing how an attacker with privileged access may retrieve the end user’s domain password from the computer’s memory using Mimikatz and describing the possible results. This research aims to explore the problems that password authentication and password policies present and aims to deploy Windows Hello for Business (WHFB) on-premises. Traditional password authentication methods have raised many issues in the past, including insecure practices, so it comes as no surprise that the evolution of authentication should arrive in the form of password-less solutions.
0 Comments
Leave a Reply. |