Authentication protocols overview

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Authentication protocols overview

Authentication is a fundamental aspect of system security. It confirms the identity of any user trying to log on to a domain or access network resources. Windows ServerĀ 2003 family authentication enables single sign-on to all network resources. With single sign-on, a user can log on to the domain once, using a single password or smart card, and authenticate to any computer in the domain.

Authentication types

When attempting to authenticate a user, several industry-standard types of authentication may be used, depending on a variety of factors. The following table lists the types of authentication that the Windows ServerĀ 2003 family supports.

Authentication protocols Description

Kerberos V5 authentication

A protocol that is used with either a password or a smart card for interactive logon. It is also the default method of network authentication for services.

SSL/TLS authentication

A protocol that is used when a user attempts to access a secure Web server.

NTLM authentication

A protocol that is used when either the client or server uses a previous version of Windows.

Digest authentication

Digest authentication transmits credentials across the network as an MD5 hash or message digest.

Passport authentication

Passport authentication is a user-authentication service which offers single sign-in service.

For more information on authentication types, see "Logon and Authentication" at the Microsoft Windows Resource Kits Web site.