RC4 Deprecated, Are passkeys still an issue?
Description
Summary
In this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant updates in Microsoft's security protocols, particularly regarding Kerbroasting and the transition from RC4 to AES encryption. They delve into the challenges surrounding the adoption of passkeys, emphasizing the need for user education and the importance of credential managers. The conversation highlights the friction users face when transitioning from traditional passwords to passkeys and the implications of vendor lock-in. The hosts conclude with thoughts on the future of digital security and the necessity for individuals to take control of their credential management.
----------------------------------------------------
YouTube Video Link: https://youtu.be/REBYRjYoEbM
----------------------------------------------------
Documentation:
https://www.microsoft.com/en-us/windows-server/blog/2025/12/03/beyond-rc4-for-windows-authentication
https://fy.blackhats.net.au/blog/2025-12-17-yep-passkeys-still-have-problems/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
United States
