1. Kerberos:
Kerberos是基于票证的身份验证系统,用于在登录系统时对用户信息进行身份验证。 Kerberos基于对称密钥加密技术,并且依赖于可靠的第三方,并且在身份验证阶段使用私有密钥加密。开发了不同版本的Kerberos,以增强身份验证的安全性。 Kerberos通常在Microsoft产品(例如Windows 2000,Windows XP和更高版本的Windows)中实现。
2. NTLM:
NTLM(新技术LAN管理器)是专有的Microsoft身份验证协议。 NTLM也基于对称密钥加密技术,并且需要资源服务器为用户提供身份验证,完整性和机密性。 NTLM不支持身份验证和两因素身份验证。 NTLM通常在较早的Windows版本中实现,例如Windows 95,Windows 98,Windows ME,NT 4.0。
Kerberos和NTLM之间的区别:
| S.No. | Kerberos | NTLM |
|---|---|---|
| 1. | Kerberos is an open source software and offers free services. | NTLM is the proprietary Microsoft authentication protocol. |
| 2. | Kerberos supports delegation of authentication in multi-tier application. | NTLM does not support delegation of authentication. |
| 3. | Kerberos supports two factor authentication such as smart card logon. | NTLM does not provide smart card logon. |
| 4. | Kerberos has the feature of mutual authentication. | NTLM does not have the feature of mutual authentication. |
| 5. | Kerberos provides high security. | While NTLM is less secured as compared to kerberos. |
| 6. | Kerobos is supported in Microsoft Windows 2000, Windows XP and later windows versions. | NTLM is also supported in earlier windows versions such as Windows 95, Windows 98, Windows ME, NT 4.0. |