Various versions of Windows have used Kerberos as their primary authentication protocol for over 20 years. However, in certain cases, the operating system must use another method, such as NTLM (NT LAN Manager).
NTLM is an older authentication protocol from Microsoft and was replaced by Kerberos in Windows 2000. However, NTLM is still used to store Windows passwords locally or in the NTDS.dit file in Active Directory domain controllers. NTLM is now considered insecure and contains many serious security vulnerabilities.
Back in October last year, Microsoft officially announced that the company was planning to expand its use of Kerberos, with the ultimate goal of completely eliminating the use of NTLM on Windows, specifically starting on Windows 11 and beyond.
The company has posted on its official website an updated list of deprecated Windows features, which now includes NTLM (New Technology Lan Manager). The announcement covers all versions of NTLM including LANMAN, NTLMv1, and NTLMv2.
By June this year, Microsoft confirmed that it plans to discontinue NTLM support after Windows 11 24H2 and Windows Server 2025 and thus the feature will no longer be available in future versions of Windows client and server.
Today, Microsoft began removing NTLM on Windows 11 24H2 and Windows Server 2025, announcing that NTLMv1 has been removed from the aforementioned Windows versions.
Microsoft previously explained that the reason behind this move was to improve the security of authentication, as more modern protocols like Kerberos would provide better protection. The company now recommends using the Negotiate protocol to ensure that NTLM is only used when Kerberos is not available.
Microsoft has updated the notice on its end of support feature page to read as follows:
All versions of NTLM, including LANMAN, NTLMv1, and NTLMv2, are no longer in active feature development and have been deprecated. Use of NTLM will continue to be maintained in the next release of Windows Server and the next annual release of Windows. Calls to NTLM should be replaced with calls to Negotiate, which will attempt to authenticate using Kerberos and only fallback to NTLM when necessary.
[Update - November 2024]: NTLMv1 has been removed starting with Windows 11 version 24H2 and Windows Server 20205.
NTLM is commonly used by businesses and organizations for Windows authentication, as it "does not require a local network connection to a Domain Controller". It is also "the only protocol supported when using a local account" and "works even if you don't know what the target server is".
These benefits have led to some applications and services hardcoding NTLM instead of switching to more modern authentication protocols such as Kerberos. Kerberos provides a better level of security and is more scalable than NTLM. That is why Kerberos is now the preferred default protocol in Windows environments.
The problem is that while businesses can disable NTLM for authentication, those hard-wired applications and services can still have problems. This is why Microsoft has added a number of new authentication features to Kerberos. These changes are being rolled out so that Kerberos will eventually become the sole Windows authentication protocol.
In addition to NTLMv1, another security feature has also been removed on Windows 11 24H2. Microsoft has confirmed that Windows Information Protection (WIP) or enterprise data protection (EDP) is being removed from the Windows environment. This feature was intended to protect against accidental data leaks.
Windows 11 version 21H2 is one of the major original releases of Windows 11 that began rolling out globally on October 4, 2021.
The year 2023 saw Microsoft betting heavily on artificial intelligence and its partnership with OpenAI to make Copilot a reality.
Microsoft introduced Bluetooth LE (low energy) Audio support with Windows 11 22H2 KB5026446 (build 22621.1778), also known as Moment 3, in May 2023.
After keeping things the same for years, the Sticky Note update in mid-2024 changed the game.
Today, Microsoft officially announced the general availability of Windows Server 2025 along with System Center 2025.
There's always something incredibly cool about the nostalgic user interface of 90s versions of Windows.
More than three years ago, when Microsoft announced Windows 11, the operating system immediately caused a lot of controversy.
The October 2024 report provides an overview of Windows 11's market share compared to other versions of Windows.
Microsoft is said to be getting closer to launching its first foldable smartphone when it was granted a patent for a foldable phone with the ability to fold 360 degrees but without creating wrinkles on the screen on October 1.
In a new post on its Tech Community website, Microsoft has announced plans to discontinue WSUS driver synchronization in favor of its latest cloud-based driver services.
Windows Photo Viewer was first released alongside Windows XP and has quickly become one of the most frequently used tools on Windows.
The latest previews of Windows 11 that Microsoft released this week include an improved About section in the Settings app, where users can get more information about the hardware inside their computer.
To address common issues faced by PC gamers, Microsoft has finally made the Windows operating system easier to navigate with an Xbox controller.
The April security updates for Windows 11 silently created a new empty folder on the C drive.
Microsoft has invested billions of dollars in OpenAI since 2019, although the Redmond-based software giant is by no means the primary investor in the innovative AI startup.
Hidden deep within Windows is a world of command lines that few people know about. In this article, we will guide you on how to fix errors and make your computer more secure using the cmd command line tool.
Instructions on how to enter BIOS on Windows 10 for you, with video illustration.
Clipchamp is the default video editor on Windows 11, but if you just need to make a quick cut, split a simple photo, or add music to a clip, the classic editor inside the Photos Legacy app is a much better choice.
Save images from the login screen, download Windows 10 lock screen images to keep the images you like or set them as your computer wallpaper. Here is the most detailed way to download images from Windows Spotlight for you.
Windows 11 has a feature that adds an End Task button directly on the Taskbar, so you don't have to access Task Manager to close unresponsive applications.
This article will guide you through the ways to enable Bluetooth on Windows 11 to connect to wireless accessories with just a few simple steps.
Sometimes, you just can't find an external hard drive when you need it most. After losing important files a few times, some people have found a simple and reliable way to back up everything, even when the hard drive is unavailable.
The methods in this article will help you hide or protect Windows folders from prying eyes.
Most Windows errors occur after you log in to your computer. However, the User Profile Service Failed the Logon error doesn't allow you to log in at all, which is why it's harder to fix than other Windows errors.
Windows 10 has just three months left until support ends. In October 2025, the operating system will receive its final update, ending its 10-year lifecycle.
Errors related to your computer's drive can prevent your system from booting properly and restrict access to your files and applications.
If you want to create a private cloud to share and transfer large files without any limits, you can create an FTP Server (File Transfer Protocol Server) on your Windows 10 computer.
If you are looking for a way to hide files on Windows 11 without software, just follow the instructions below.
If your computer has an SSD and an HDD, you can turn off the hard drive after a period of inactivity.
Changing DNS on Windows has many benefits, such as: Accessing some blocked websites, speeding up internet connection, improving network stability. Below is how to change DNS on Windows 10, Windows 7 and other Windows versions. In the last part of the article, WebTech360 will talk a little about why changing DNS helps speed up the internet.
