Kerberos Change Password

Critical Risk

TCP/UDP — Security & VPN

Port Overview

Port Number 464

Service Name Kerberos Change Password

Transport Protocol TCP/UDP

Category Security & VPN

Security Risk Critical

Port Range Well-Known (0-1023)

What is Port 464?

Port 464 is assigned to kpasswd, used for changing Kerberos passwords in Active Directory and MIT Kerberos environments. Critical for enterprise auth.

TCP/UDP Security & VPN Commonly Used

Security Considerations

Port 464 (Kerberos Change Password) is classified as critical risk. This port should not be exposed to the public internet. The service transmits data without encryption, making it vulnerable to eavesdropping, credential theft, and man-in-the-middle attacks.

Recommendation: Block this port at the firewall. Use encrypted alternatives (SSH, SFTP, HTTPS) instead.

Related Ports — Security & VPN

49 TACACS 65 TACACS-DS 88 Kerberos 90 DNSIX Security 370 codaauth2 389 LDAP 500 IKE/ISAKMP 636 LDAPS