For checking Part 1 of Windows 10 Security, please check the below link

Pass the Hash was really one of the hottest attacks in 2015, No major attack happened last year without having a flavor of PTH either on local accounts or domain accounts by stealing the Hash and passing it to other services………etc

Windows 10 introduced a new feature which is Credential Guard or Virtual Secure Mode (VSM). The main idea is utilizing Microsoft hyper-V by enabling Hyper-V on the Windows 10 machine and having a special secure kernel mode based on the virtualization technology to store critical process as the Local Security Authority (Your passwords). This new feature provides a promise to finally get rid of Pass the Hash attack and stealing passwords/Hashes. This secure Kernel mode has no GUI or network access and it communicates with the OS in a new format that cannot be replayed or passed (at least for the time being)

How to Enable Credential Guard

  1. First of all we need to add the Hyper-V from Control Panel – Programs and Features – Turn windows Features on or off.
  2. Secure Boot need to be enabled.
  3. This feature will work only on Windows 10 Enterprise.
  4. Machine should be domain joined as this will protect domain accounts, its not for local accounts. For local accounts you should have other protection mechanisms as Microsoft LAPS
  5. VSM or Credential Guard can be enabled using Group Policy (Updated group policy for Windows 10 copied to the Domain Controller Central store), In my case i am enabling it manually on my Laptop using Local Group Policy Editor as shown below (Computer configuration – Administrative Templates – System – Device Guard – Turn on Virtualization based Security)
  6. Enable the setting, I picked Enabled without Lock so it can be controlled/Disabled later using Group policy. Detailed description is shown in Help section.
  7. Start the special VSM process by editing the boot Configuration data as shown below from an elevated command prompt
To verify its running and working normally as designed, you will need first to reboot the computer and after booting go to the computer system information (From Cortana Search for System Information or msinfo) and check the system summary as shown below.
Also in the Task Manager you will find Credential Guard Process as well as in the details Tab.

This is a very new nice feature to secure your credentials and i would advice Windows 10 users to go ahead and try it.