Wdigest

What is WDigest?

Digest Authentication is a challenge/response protocol that was primarily used in Windows Server 2003 for LDAP and web-based authentication. It utilizes Hypertext Transfer Protocol (HTTP) and Simple Authentication Security Layer (SASL) exchanges to authenticate. At a high level, a client requests access to something, the authenticating server challenges the client, and the client responds to the challenge by encrypting its response with a key derived from the password. The encrypted response is compared to a stored response on the authenticating server to determine if the user has the correct password. Microsoft provides a much more in-depth explanation of WDigest, how it works, and some of its uses here.

How to detect and halt credential theft via Windows WDigestCSO Online

WDigest Clear-Text Passwords: Stealing More Than a HashStealthbits Technologies