Beyond RC4 for Windows Authentication

The main reason this is significant is that it makes Kerberoasting much more difficult. It's less about how secure RC4 is as a cipher, and more how fast you can compute it in a bruteforce dictionary attack, vs the modern AES version.

It is surprising how long RC4 has lasted, honestly. Though it should have been dropped by everything long, long ago. That said, I remember when it came back for a short amount of time due to the BEAST attack which affected block ciphers in CBC mode. It's interesting that nowadays the most recommended mode of operation is galois/counter mode (GCM) which effectively turns 128-bit block ciphers into streams again.