Kerberos is a client-server authentication system that uses a secret key rather than a password to authorize users. It is designed around a trusted third party system, called a Key Distribution Center (KDC), which performs verification of users and services.

If a user requests a service from another host, the KDC issues both hosts a secret key, which only they can read. They use this session to exchange information until the session is expired. Kerberos can use 40- or 56-bit Data Encryption Standard (DES) keys for encryption. Cisco IOS 11.2 supports Kerberos 5.