Microsoft Announces Deprecation of NTLM Authentication Protocols

Microsoft Announces Deprecation of NTLM Authentication Protocols. In a recent announcement, Microsoft has declared the deprecation of all versions of NTLM, including LANMAN, NTLMv1, and NTLMv2. This move is part of an ongoing effort to enhance security and simplify authentication protocols.

While NTLM will continue to function in the upcoming releases of Windows Server and the next annual release of Windows, it is no longer under active feature development.

Microsoft encourages users and administrators to update their authentication methods to use Negotiate, which primarily uses Kerberos. Negotiate attempts to authenticate via Kerberos initially and only fall back to NTLM if required.

This transition exploits Kerberos’s robust security features, thereby reducing dependence on the older and less secure NTLM protocol.

• New External Authentication Methods in Microsoft Entra ID
• What is Microsoft Entra ID?
• MFA Authentication now Added to WhatsApp
• Walkthrough of Mac Device Passwordless SSO with Entra

Microsoft Announces Deprecation of NTLM Authentication Protocols

Switching to Negotiate and Kerberos is recommended. Kerberos offers more robust security features than NTLM. The Negotiate mechanism enhances security by attempting to authenticate with Kerberos first, thereby minimizing reliance on the older and less secure NTLM protocol.

What is Replacing NTLM?
Microsoft recommends transitioning to the Negotiate authentication mechanism, which prioritizes using Kerberos and only falls back to NTLM when necessary.

We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.

Author

About the Author: Vidya is a computer enthusiast. She is here to share quick tips and tricks with Windows 11 or Windows 10 users. She loves writing about Windows 11 and related technologies. She is also keen to find solutions and write about day-to-day tech problems.