Barbarians Inside the Gates: Protecting against Credential Theft and Pass the Hash Today

Pass the Hash (PtH) has become one of the most widespread attacks affecting our customers. Many of our customers have made it their top priority to address PtH. In response, Microsoft has assembled a workgroup to investigate effective and practical mitigations that could be used now as well as future platform modifications. This presentation covers the problem of credential theft and re-use, focusing on Pass-the-Hash attacks as an example, and discusses Microsoft’s recommended mitigations. The presenters are members of the Cybersecurity Services team.