Kerberos caveats

• Kerberos server can impersonate anyone

• KDC is a single point of failure

• Can have replicated KDC’s

• KDC could be a performance bottleneck

• Everyone needs to communicate with it frequently
• Not a practical concern these days
• Having multiple KDC’s alleviates the problem

• If local workstation is compromised, user’s password could be stolen by a trojan horse

• Only use a desktop machine or laptop that you trust
• Use hardware token pre-authentication