Microsoft to Phase Out NTLM Authentication in Windows 11 by Late 2024

Microsoft plans to replace NTLM with Kerberos in Windows 11 for enhanced security, effective late 2024.

Microsoft plans to phase out the NT LAN Manager (NTLM) authentication protocol in Windows 11 by the second half of 2024, following demands from the security community.

This initiative aims to transition users and enterprises to the Kerberos authentication method, providing alternatives like IAKerb and KDC for applications and services that rely on NTLM.

To achieve this, Microsoft has expanded Kerberos usage in Windows 11 by introducing IAKerb and local KDC, ensuring compatibility with various network topologies and local accounts.

Additionally, built-in NTLM components in existing Windows systems are being replaced with the Negotiate protocol, enabling the use of Kerberos for both local and domain accounts.

NTLM, a proprietary Microsoft protocol, uses a challenge/response model to authenticate users without transmitting passwords or their hashes over the network.

Kerberos, on the other hand, is a network authentication protocol that uses key-based systems for client/server applications, providing secure authentication services independent of host operating systems and physical network security.

For more details, please visit Microsoft Security Blog.

Keep visiting for more such awesome posts, internet tips, lifestyle tips, and remember we cover,
“Everything under the Sun!”

inspire2rise 2024 refresh

Follow Inspire2rise on Twitter. | Follow Inspire2rise on Facebook. | Follow Inspire2rise on YouTube

I am a SAP consultant. An IT engineer from New Delhi, I love social media and insights into human behaviour and why people do what they do!

Learn more about  TV Streaming Trends in India for 2020!
Microsoft to Phase Out NTLM Authentication in Windows 11 by Late 2024

Leave a Comment

Discover more from Inspire2Rise

Subscribe now to keep reading and get access to the full archive.

Continue reading