!!! Overview
[{$pagename}] are [Authentication Methods] or [Authentication] procedures that are identified within [Windows Client Authentication Architecture][{$pagename}] is similar to the [Authentication Context Class] within the [Context] of [Microsoft Windows]

!! [{$pagename}] List
[{$pagename}] are part shown within the [Event 4624] and [Event 4625] in the [Windows Security Log Events] of the [Windows Security Event Log]

%%zebra-table
%%sortable
%%table-filter
||Login Type||Logon Title||Description
|2|[Interactive]|A [UserId] logged on to this computer
|3|[Network|Network-Auth]|A [User] or computer logged on to this computer from the [network].
|4|[Batch|Batch-Auth]|Batch [logon|Authentication] type is used by batch servers, where processes may be executing on behalf of a [userId] without their direct intervention.
|5|[Service|Service-Auth]|A service was started by the [Service Control Manager] ([SCM]).
|7|[Unlock|Unlock-Device]|This workstation was unlocked.
|8|[NetworkCleartext]|A [UserId] logged on to this computer from the [network]. The user's [password] was passed to the [authentication] package in its unhashed form. The built-in [authentication] packages all hash [credentials] before sending them across the network. The [credentials] do not traverse the network in [plaintext] (also called [cleartext]).
|9|[NewCredentials]|A caller cloned its current token and specified new credentials for outbound connections. The new logon session has the same local identity, but uses different credentials for other network connections.
|10|[RemoteInteractive]|A [User] logged on to this computer remotely using Terminal Services or Remote Desktop.
|11|[CachedInteractive]|A [User] logged on to this computer with [network] [credentials] that were stored locally on the computer. The domain controller was __NOT__ contacted to verify the [credentials].
/%
/%
/%
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]