Aspects


vs


Kerberos

Kerberos is a single sign-on (SSO) network authentication protocol designed to allow nodes, communicating over a non-secure network, to prove their identity to one another in a secure manner.

Ntlm

NTLM (NT LAN Manager) is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users.

Performance ways better

Quality Example
Better option

"Kerberos could be considered as a better option than ntlm"

from question "Windows integrated (NTLM) authentication vs Windows integrated (Kerberos)"

Better

"In fact in some ways ntlm is better than kerberos"

from question "Authenticating against Active Directory with Java on Linux"

"I understand that kerberos has better performance than ntlm"

from question "Performance difference Kerberos versus NTLM"

Others

Quality Example
Less

"But since ntlm is less secure than kerberos why isn t it the other way around"

from question "Why is kerberos defaulting to NTLM in WCF?"

More secure

"But as i understand it ntlm disallows the more secure kerberos domain credentials if they re available"

from question "Windows Authentication not prompting on Firefox or iOS Safari"

Slower

"For a low traffic site the huge tokens that kerberos send across the network actually makes it slower than ntlm"

from question "Access a SharePoint website from a Java application with Kerberos authentication"

Faster

"Kerberos is complex to set up and even though it generally is considered faster than ntlm this is only true when you reach a certain limit of simultanious users on your site"

from question "Access a SharePoint website from a Java application with Kerberos authentication"

Back to Home
Data comes from Stack Exchange with CC-BY-SA-3.0