Various versions of Windows have used Kerberos as their primary authentication protocol for over 20 years. However, in certain cases, the operating system must use another method, such as NTLM (NT LAN Manager).
NTLM is an older authentication protocol from Microsoft and was replaced by Kerberos in Windows 2000. However, NTLM is still used to store Windows passwords locally or in the NTDS.dit file in Active Directory domain controllers. NTLM is now considered insecure and contains many serious security vulnerabilities.
Back in October last year, Microsoft officially announced that the company was planning to expand its use of Kerberos, with the ultimate goal of completely eliminating the use of NTLM on Windows, specifically starting on Windows 11 and beyond.
The company has posted on its official website an updated list of deprecated Windows features, which now includes NTLM (New Technology Lan Manager). The announcement covers all versions of NTLM including LANMAN, NTLMv1, and NTLMv2.
By June this year, Microsoft confirmed that it plans to discontinue NTLM support after Windows 11 24H2 and Windows Server 2025 and thus the feature will no longer be available in future versions of Windows client and server.
Today, Microsoft began removing NTLM on Windows 11 24H2 and Windows Server 2025, announcing that NTLMv1 has been removed from the aforementioned Windows versions.
Microsoft previously explained that the reason behind this move was to improve the security of authentication, as more modern protocols like Kerberos would provide better protection. The company now recommends using the Negotiate protocol to ensure that NTLM is only used when Kerberos is not available.
Microsoft has updated the notice on its end of support feature page to read as follows:
All versions of NTLM, including LANMAN, NTLMv1, and NTLMv2, are no longer in active feature development and have been deprecated. Use of NTLM will continue to be maintained in the next release of Windows Server and the next annual release of Windows. Calls to NTLM should be replaced with calls to Negotiate, which will attempt to authenticate using Kerberos and only fallback to NTLM when necessary.
[Update - November 2024]: NTLMv1 has been removed starting with Windows 11 version 24H2 and Windows Server 20205.
NTLM is commonly used by businesses and organizations for Windows authentication, as it "does not require a local network connection to a Domain Controller". It is also "the only protocol supported when using a local account" and "works even if you don't know what the target server is".
These benefits have led to some applications and services hardcoding NTLM instead of switching to more modern authentication protocols such as Kerberos. Kerberos provides a better level of security and is more scalable than NTLM. That is why Kerberos is now the preferred default protocol in Windows environments.
The problem is that while businesses can disable NTLM for authentication, those hard-wired applications and services can still have problems. This is why Microsoft has added a number of new authentication features to Kerberos. These changes are being rolled out so that Kerberos will eventually become the sole Windows authentication protocol.
In addition to NTLMv1, another security feature has also been removed on Windows 11 24H2. Microsoft has confirmed that Windows Information Protection (WIP) or enterprise data protection (EDP) is being removed from the Windows environment. This feature was intended to protect against accidental data leaks.
Microsoft has invested billions of dollars in OpenAI since 2019, although the Redmond-based software giant is by no means the primary investor in the innovative AI startup.
One of the world's most popular VPN services - ExpressVPN - has officially launched an app version for Windows PCs running on ARM-based processors.
Did you know Microsoft is celebrating its 50th birthday this week?
In January, Microsoft announced plans to bring NPU-optimized versions of the DeepSeek-R1 model directly to Copilot+ computers running on Qualcomm Snapdragon X processors.
Microsoft continues to announce plans to add new features to Windows 10, despite the fact that the operating system will inevitably die in October 2025.
Microsoft releases new Fluid Textures desktop wallpaper collection
Besides elements like new interface and features, another aspect, although small, also receives a lot of attention on Windows: wallpaper packs designed and introduced by Microsoft for special occasions.
Microsoft has made an important announcement for customers using the Remote Desktop for Windows app from the Microsoft Store. On May 27, 2025, this app will be officially discontinued and removed from the Microsoft Store.
If you asked five Windows users to explain what Vista's Digital Rights Management (DRM) is, you'd probably get five different answers. But there's one thing that's important.
Microsoft has finally officially announced the planned end of support (EOS) for the Office 2016 and Office 2019 application ecosystem.
Windows 11 version 24H2 — the only major Windows 11 update in 2024 — has been out for a few months and is slowly stabilizing.
The issue was first reported when users reported that some PCs were unable to complete the update and encountered a blue screen of death (BSOD) error.
Windows 11 is expected to receive two notable major updates this year.
When users try to install Windows 11 build 26058, the Setup file will give a message saying “This PCs processor doesnt support a critical feature (PopCnt)”
Not long ago, Microsoft stopped providing support for Windows 10 version 21H2, which means version 22H2 becomes the only supported Windows 10 release at the moment.
In many cases, it is usually due to virus attacks that the hidden folders of the system cannot be displayed even after activating the “Show hidden files and folders” option in Folder Options. Some of the following methods will help to handle this problem.
Sometimes you still need to turn off the firewall to perform certain functions. The 3 ways to turn off the Win 10 firewall below will help you in such situations.
If you're looking for a quicker method, here's how to add a dedicated shutdown shortcut to your Windows 11 desktop or taskbar.
Windows 11 doesn't support the JPEG X image format by default, but you can install an add-on that does. Here's how to add JPEG XL support in Windows 11.
In the process of pinning applications, sometimes we encounter some errors such as not being able to pin the application to the Taskbar. Below are some ways to fix the error of not being able to pin the application to the Windows 11 Taskbar.
Windows BitLocker offers an easy-to-use solution for encrypting your hard drive. However, it also has its drawbacks, so it may not be a great choice for everyone.
This guide will show you how to overwrite (securely erase) deleted data on a drive so that it cannot be recovered or accessed in Windows 10 and Windows 11.
If you regularly use Copilot on Windows 11, there is a very simple way to quickly access Copilot, which is to add Copilot to the right-click menu.
Adding a printer to Windows 10 is simple, although the process for wired devices will be different than for wireless devices.
A new utility is being developed that will help remove the strict system requirements of Windows 11.
PC maintenance is essential for long-term, efficient performance. However, there are some mistakes you can make that can do more harm than good to your PC.
Smart App Control (SAC) is a security feature included in the Windows Security application that locks down the system, allowing only trusted applications to run.
Your computer needs a way to communicate with other devices, and that's where TCP/IP comes in. TCP/IP ensures that data moves smoothly across the network, whether you're browsing the web or sharing files.
Uncompressed files can silently take up gigabytes of space on your Windows PC—slowing things down and cluttering your drive without you even realizing it.
Bluetooth options have disappeared on your Windows 111 computer? This can happen for a number of reasons, including temporary glitches, corrupted Bluetooth drivers, and issues with the Windows operating system.
