First page Back Continue Last page Overview Graphics
Advantages of Kerberos
Passwords aren’t exposed to eavesdropping
Password is only typed to the local workstation
- It never travels over the network
- It is never transmitted to a remote server
Password guessing more difficult
Single Sign-on
- More convenient: only one password, entered once
- Users may be less likely to store passwords
Stolen tickets hard to reuse
- Need authenticator as well, which can’t be reused
Much easier to effectively secure a small set of limited access machines (the AS’s)
Easier to recover from host compromises
Centralized user account administration