Enable Credential Guard to increase Windows 10 security

Credential Guard is one of the key security features built into Windows 10. It protects your computer from attacks on domain credentials, preventing hackers from taking control of enterprise networks.

1. What is Credential Guard feature on Windows 10?

With features like Device Guard, Secure Boot, and Credential Guard, Windows 10 is probably more secure than previous versions of Windows.

Previous versions of Microsoft's operating system stored the ID and password for user accounts in local RAM. Credential Guard instead creates a virtual container and stores all domain secrets in it, where the operating system cannot access them directly. This feature uses Hyper-V, which you can configure under Programs and Features in Control Panel.

Credential Guard in Windows 10 helps to increase the security of domain information and related hashes

By enabling Windows Defender Credential Guard, the following features and solutions are provided:

Hardware security: NTLM, Kerberos and Credential Manager take advantage of the platform's security features, including Secure Boot and virtualization, to protect credentials.

Virtualization-based security: Windows NTLM and Kerberos-derived credentials, as well as other secrets, run in a protected environment that is isolated from the running operating system.

Better protection against advanced persistent threats: When Credential Manager domain credentials, NTLM and Kerberos-derived credentials are protected using virtualization-based security, the credential theft techniques and tools used in many targeted attacks are blocked.

Malware running in the operating system with administrative privileges cannot extract secrets protected by virtualization-based security. While Windows Defender Credential Guard is a powerful mitigation, persistent attacks are likely to shift to new attack techniques, so you should also incorporate other security strategies and architectures.

In short, the Credential Guard feature on Windows 10 strengthens the security of domain information and related hashes against hacker attacks.

2. Some requirements and limitations

Some requirements of Credential Guard:

– Credential Guard is only available on Windows 10 Enterprise edition. Therefore, if you use the Pro or Education editions, you cannot access and activate this feature on your Windows 10 computer.

– Your device supports Secure Boot and 64-bit Virtualization (64-bit CPU, CPU virtualization extensions plus Extended Page Tables, Windows Hypervisor – no Hyper-V Windows feature required).

– TPM (preferred – provides linkage with hardware) versions 1.2 and 2.0 are supported, Discrete or Firmware.

– UEFI lock (preferred – prevents attackers from disabling Credential Guard with a simple registry key change).

Some restrictions of Credential Guard:

– Cannot protect local accounts and Microsoft accounts.

– Unable to protect application-side information or third-party software.

– Unable to protect against keyloggers.

3. Enable Credential Guard on Windows 10

To enable Credential Guard, first open a Run command window by pressing the Windows + R key combination. Then type gpedit.msc in the Run command window to open the Group Policy Editor.

On the Group Policy Editor window, navigate to the following path:

Computer Configuration => Administrative Templates => System => Device Guard

Next, find and double-click the option called Turn On Virtualization Based Security, and then select Enabled.

Under Options, go to Select Platform Security Level and select Secure Boot or Secure Boot and DMA Protection.

Under Credential Guard Configuration, select Enabled with UEFI lock.

If you want to be able to turn off Credential Guard remotely, choose Enabled without lock instead.

Click Apply, then click OK and exit the Group Policy Editor.

Finally, reboot your system.
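
After the reboot, you can confirm that the policy settings chosen above were written and that Credential Guard is actually running. The following PowerShell check is an added example, not part of the original article; the registry value names and the Win32_DeviceGuard class come from Microsoft's documentation rather than this page, and the helper name Resolve-Setting is hypothetical.

```powershell
# Added example: verify the Group Policy steps above after the reboot.
# Run in an elevated PowerShell session on the Windows 10 Enterprise machine.

# Runtime state reported by the hypervisor-backed security services
$dg = Get-CimInstance -ClassName Win32_DeviceGuard `
        -Namespace 'root\Microsoft\Windows\DeviceGuard' -ErrorAction SilentlyContinue

# Values written by the "Turn On Virtualization Based Security" policy
$policy = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard' `
            -ErrorAction SilentlyContinue

# Meaning of the documented numeric values
$platformLevel = @{ 1 = 'Secure Boot'; 3 = 'Secure Boot and DMA Protection' }
$cgConfig      = @{ 0 = 'Disabled'; 1 = 'Enabled with UEFI lock'; 2 = 'Enabled without lock' }
$vbsStatus     = @{ 0 = 'Not enabled'; 1 = 'Enabled but not running'; 2 = 'Running' }

# Hypothetical helper: translate a numeric setting into readable text
function Resolve-Setting($map, $value) {
    if ($null -eq $value) { return 'Not configured' }
    if ($map.ContainsKey([int]$value)) { return $map[[int]$value] }
    return "Unknown ($value)"
}

$report = [pscustomobject]@{
    PolicyVbsEnabled          = ($policy.EnableVirtualizationBasedSecurity -eq 1)
    PolicyPlatformLevel       = Resolve-Setting $platformLevel $policy.RequirePlatformSecurityFeatures
    PolicyCredentialGuard     = Resolve-Setting $cgConfig $policy.LsaCfgFlags
    VbsStatus                 = Resolve-Setting $vbsStatus $dg.VirtualizationBasedSecurityStatus
    # In SecurityServicesConfigured/Running, the value 1 identifies Credential Guard
    CredentialGuardConfigured = ($dg.SecurityServicesConfigured -contains 1)
    CredentialGuardRunning    = ($dg.SecurityServicesRunning -contains 1)
}
$report | Format-List

# Configured but not running usually points at a missing hardware requirement
if ($report.CredentialGuardConfigured -and -not $report.CredentialGuardRunning) {
    Write-Warning 'Credential Guard is configured but not running. Check Secure Boot and CPU virtualization support in firmware.'
}
elseif (-not $report.CredentialGuardRunning) {
    Write-Warning 'Credential Guard is not running. Confirm the policy was applied and the system was rebooted.'
}
```

A PolicyCredentialGuard value of "Enabled with UEFI lock" together with CredentialGuardRunning set to True matches the configuration described in the steps above.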

Good luck!