What is ntlm

Last updated: April 1, 2026

Quick Answer: NTLM (NT LAN Manager) is a security authentication protocol used primarily by Windows systems to authenticate users on local and network connections. It verifies user credentials and enables secure access to network resources without transmitting passwords over the network.

Key Facts

NTLM was introduced by Microsoft in Windows NT and remains widely used in legacy Windows environments
The protocol uses a challenge-response mechanism to authenticate users without exposing passwords
NTLM is considered less secure than Kerberos, which is the preferred authentication method in modern Windows domains
NTLM is commonly used for authentication in HTTP, SMTP, and other protocols when Kerberos is unavailable
The protocol is gradually being phased out in favor of Kerberos but remains necessary for backward compatibility in many organizations

Overview

NTLM (NT LAN Manager) is a suite of security protocols developed by Microsoft to provide authentication for Windows systems. Originally introduced with Windows NT, NTLM has been the default authentication method for Windows networks for decades. While newer protocols like Kerberos have largely replaced it for domain authentication, NTLM remains widely used in legacy systems and specific scenarios where Kerberos is not available.

How NTLM Authentication Works

NTLM uses a three-way challenge-response authentication process. When a user attempts to access a resource, the server sends a challenge (a random number) to the client. The client's system hashes the user's password and uses it to encrypt the challenge, then sends the response back to the server. The server compares this response to its own calculation, confirming the user's identity without ever transmitting the actual password across the network. This approach is more secure than sending passwords in plaintext but has vulnerabilities compared to more modern protocols.

NTLM vs. Kerberos

While NTLM and Kerberos both provide network authentication, Kerberos is generally considered more secure and is the preferred method in modern Windows domain environments. Kerberos uses symmetric cryptography and ticket-based authentication, while NTLM relies on challenge-response mechanisms. However, NTLM remains necessary in many organizations for backward compatibility with older systems and for non-domain authentication scenarios.

Modern Usage and Security Considerations

NTLM is still used for legacy systems, local machine authentication, and in environments where Kerberos cannot be deployed. However, security professionals recommend migrating to Kerberos or other modern authentication methods where possible, as NTLM has known vulnerabilities that can be exploited. Microsoft has issued guidance to phase out NTLM authentication, but the widespread nature of Windows systems means it will likely remain in use for many years in some capacity.

More What Is in Daily Life

What Is a Credit ScoreA credit score is a three-digit number, typically ranging from 300 to 850, that represents your cred…
What Is CD rates make no sense based on length of time invested. Explain like I'm 5CD (Certificate of Deposit) rates often don't increase with longer lock-up times the way people expe…
What is a phdA PhD (Doctor of Philosophy) is a doctoral degree earned after completing advanced academic research…
What is a polymathA polymath is a person with deep knowledge and expertise across multiple different fields or academi…
What is aaveAAVE stands for African American Vernacular English, a dialect with distinct grammar, pronunciation,…
What is aarch64ARMv8-A (commonly called ARM64 or AArch64) is a 64-bit processor architecture developed by ARM Holdi…
What is about menTopics and discussions about men typically encompass masculinity, male identity, gender roles, men's…
What is abiturAbitur is the German academic qualification awarded upon completion of secondary education, typicall…
What is abrosexualAbrosexual is a sexual orientation identity where a person's sexual attraction changes or fluctuates…
What is abgABG is an Indonesian acronym standing for 'Anak Baru Gede,' which refers to adolescent girls or teen…
What is aaaAAA batteries are a standard cylindrical battery size measuring 10.5mm in diameter and 44.5mm in len…
What is aacAAC (Advanced Audio Codec) is a digital audio compression format that provides better sound quality …
What is aaa gameAAA games are high-budget video games developed by large studios with budgets typically exceeding $1…
What is a proxyA proxy is a server that acts as an intermediary between your device and the internet, forwarding yo…
What is ableismAbleism is discrimination and prejudice against people with disabilities based on the assumption tha…
What is absAbs, short for abdominal muscles, are the muscles in your core that flex your spine and stabilize yo…
What is abortionAbortion is a medical procedure that ends pregnancy by removing the fetus before viability. It can b…
What is accutaneAccutane (isotretinoin) is a powerful prescription medication derived from vitamin A used to treat s…
What is acetaminophenAcetaminophen, also known as paracetamol, is an over-the-counter pain reliever and fever reducer use…
What is acidAcid is a chemical substance that donates protons (hydrogen ions) to other substances, characterized…