The Hacker News

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.
PC World

Microsoft protects cloud with directory-integrated two-factor authentication

Microsoft is upping the security on Azure with Active Authentication, a new service now in preview which allows enterprises to secure access to hosted applications such as Office 365 with two-factor ...
Ars Technica

IIS, windows authentication, load balancers and SSL

Our minor departmental ASP.NET app works great in DEV on a web server without SSL. It relies on getting the User's Windows identity from HttpContext.Current.User.Identity.Name<BR><BR>When we move the ...