Ticket Granting Tickets (TGT)
A Ticket Granting Ticket (TGT) or Ticket to Get Tickets (TGT) are files created by the key distribution center (KDC) portion of the Kerberos authentication protocol. They are used to grant users access to network resources.
TGT files can provide secure data protection once the user and server authenticate them. Once a user is authenticated and has the TGT, they use it to obtain a service ticket from the Ticket Granting Service (TGS). It is then that they are granted access to the resources being protected.
To protect from man-in-the-middle (MITM) attacks, TGT files are encrypted. They also include the session key (and its expiration date) as well as a user’s IP address.
“Authentication on Windows uses Kerberos, which requires the user to obtain an encrypted TGT file comprised of identification on the user and session. Once authenticated, the TGT allows them to obtain a service ticket, which then gives them access to the service.”