Windows Authentication with IIS7 with public facing website

Posted by user38553 on Server Fault See other posts from Server Fault or by user38553
Published on 2010-06-07T08:16:33Z Indexed on 2010/06/07 8:23 UTC
Read the original article Hit count: 446

Filed under:

By default in IIS7, Windows Authentication was turned off and I had to make a configuration change to activate it. When I did that there was a description for Windows Authentication that explained this should only be used for intranet sites, not public facing websites. When you consider NTLM/Kerberos does not use plain text I am not sure why Microsoft have decided this, all of a sudden.

Can anybody explain?

© Server Fault or respective owner

Related posts about iis7