Microsoft Sets a Path to Switch Off NTLM Across Windows

Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos

Microsoft has announced a three-phase approach to phase out New Technology LAN Manager (NTLM) as part of its efforts to shift Windows environments toward stronger, Kerberos-based options. The development comes more than two years after the tech giant revealed its plans to deprecate the legacy technology, citing its susceptibility to weaknesses that could facilitate relay attacks and allow bad

Microsoft disables NTLM in Windows

Microsoft has announced that the phase-out of NT LAN Manager (NTLM) is now transitioning to disabling the protocol by default, in an effort to increase security in Windows 11 and Windows Server. NTLM is a series of security protocols that were introduced in the 1990s, but since Kerberos became the default protocol in Windows 2000, its use has declined with each passing year. Still, many legacy enterprise systems still support or use NTLM, making…

Microsoft plans to bury its NTLM security relic after 30 years — replacing it with stronger Kerberos-based alternatives via future Windows client releases

Microsoft recently highlighted a three-phase plan to disable the legacy New Technology LAN Manager (NTLM) protocol by default for stronger Kerberos-based alternatives in the next major Windows Server release and associated Windows client releases.

Microsoft sets a path to switch off NTLM across Windows

Windows is shifting to a more secure authentication approach, moving away from New Technology LAN Manager (NTLM) and toward stronger, Kerberos-based options. NTLM has been part of Windows for decades and continues to appear in some environments, particularly where legacy systems and older applications are present. Security threats have changed over time, and security expectations have risen with them. Today, NTLM’s weaker cryptography leaves it …