← Cybersecurity Alphabet Soup

PtH

Pass the Hash

attackshard

Pass the Hash lets an attacker authenticate to Windows systems using a stolen password hash instead of the plaintext password. Because some authentication protocols accept the hash directly, cracking the password is unnecessary. It is a core lateral-movement technique in enterprise intrusions, countered by credential hygiene, tiered administration, and protections around stored credentials.

Sources

More in attacks