HomeWinBuzzer NewsMicrosoft to Phase Out NTLM Authentication, Kerberos to Take Over

Microsoft to Phase Out NTLM Authentication, Kerberos to Take Over

NTLM will remain functional in the 2024 update for Windows 11, version 24H2, and Windows Server 2025, but no longer receive new features.

-

Microsoft has decided to discontinue NTLM (New Technology LAN Manager) authentication in upcoming versions of Windows. This action is part of an effort to improve security across its operating systems by transitioning away from older protocols.

NTLM will remain functional in the 2024 update for Windows 11, version 24H2, and Windows Server 2025, but it will no longer receive new features. Microsoft is pushing for the adoption of the Negotiate protocol, which defaults to Kerberos for authentication, switching to NTLM only when absolutely necessary.

NTLM first appeared in 1993 with Windows NT 3.1 and has been a key part of Windows security architecture. Even with its long history, NTLM is now regarded as outdated. Kerberos, available since Windows 2000 Service Pack 4 (SP4), is considered a more secure alternative.

Security Concerns

The shift is driven by a need to enhance security. Modern protocols like Kerberos are deemed more secure than NTLM. Microsoft notes that developers can often switch from NTLM to Negotiate with a minor change in their AcquireCredentialsHandle request to the Security Support Provider Interface (SSPI). However, applications that have hard-coded assumptions about authentication methods might need more extensive modifications.

Guidance for Developers and IT Pros

Microsoft has provided resources to help developers and IT administrators move away from NTLM. The company underscores the necessity of adopting more secure authentication methods to ensure both compatibility and security in the future. Detailed information is available on Microsoft’s official documentation and the Feedback Hub app.

NTLM will still be functional in the upcoming Windows updates, but Microsoft is urging users to transition to more secure protocols. This initiative aims to enhance Windows security features and overall system integrity.

For further details, Microsoft directs users to its resources on deprecated features. The company welcomes feedback and questions through the Feedback Hub app, aiming to support users and developers in this transition.

SourceMicrosoft
Markus Kasanmascheff
Markus Kasanmascheff
Markus has been covering the tech industry for more than 15 years. He is holding a Master´s degree in International Economics and is the founder and managing editor of Winbuzzer.com.
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x
Mastodon