Technet Spotlight On Demand Video - Mark Minasi - Windows Logins Revealed

Every day we log into our Windows systems. But what really happens when we do? How DO our workstations and our domain controllers exchange logon information without revealing our passwords? Security hardening guides talk about how scary old-style LM, NTLM and NTLMv2 logons are, but why EXACTLY do they say that-particularly when it's practically impossible to keep all of the old-style logins from happening even in the most modern network? How DOES AD's favorite logon protocol, Kerberos, work? How is it more secure than the old guys, and where should you look more closely at securing it?

https://www.microsoft.com/emea/spotlight/sessionh.aspx?videoid=995