The caveats of implementing smart cards and MFA in Active Directory

Many organisations are trying to get rid of the problems resulting from password-based authentication by implementing smart cards or other forms of MFA. However, in this talk we will demonstrate that the low level details of how these mechanisms fit into the Kerberos and NTLM protocols can have large security consequences.

About the Speaker