Microsoft’s Plan to Phase Out NTLM for Enhanced Security

Microsoft’s Plan to Phase Out NTLM for Enhanced Security

Posted on By CWS

Key Points

  • Microsoft is planning to gradually disable NTLM authentication.
  • A phased roadmap will guide the transition to more secure protocols.
  • Organizations are encouraged to adopt Kerberos and prepare for changes.

Microsoft’s Transition from NTLM Authentication

In a significant move towards enhancing authentication security, Microsoft has announced its intention to phase out the NTLM (New Technology LAN Manager) protocol. This legacy system has been a staple in Windows environments for over 30 years but is now being replaced by more secure alternatives.

The decision to disable NTLM by default in future Windows releases is part of a larger strategy to bolster security against contemporary threats. This change comes as NTLM’s weaknesses expose systems to various attack vectors, such as replay and pass-the-hash attacks.

Three-Phase Roadmap for Transition

Microsoft’s roadmap to eliminate NTLM involves a carefully structured three-phase plan to minimize disruptions. The first phase, which is already available, focuses on visibility and auditing, allowing organizations to identify where NTLM is used in their systems.

The second phase, expected to roll out in the latter half of 2026, aims to reduce NTLM usage by enabling Kerberos as a fallback. Finally, a future Windows release will disable NTLM by default, although legacy support will remain for specific scenarios.

To assist organizations during this transition, Microsoft will maintain backward compatibility. NTLM can still be re-enabled through policy adjustments, ensuring that businesses with legacy systems can adapt without major interruptions.

Preparing for a Secure Future

As Microsoft moves towards a passwordless future, enterprises are advised to start preparing now. This includes deploying enhanced NTLM auditing, mapping application dependencies, and migrating systems to Kerberos. Testing configurations in non-production environments is also recommended to ensure seamless transitions.

Businesses facing unique challenges with NTLM dependencies are encouraged to reach out to Microsoft through their dedicated support channel at ntlm@microsoft[.]com. This collaborative approach aims to support organizations in navigating these changes effectively.

Conclusion

Microsoft’s phased approach to phasing out NTLM underscores the company’s commitment to strengthening security protocols. By transitioning to Kerberos and other robust authentication systems, organizations can protect against evolving cyber threats while maintaining operational continuity.

Cyber Security News Tags:, , , , , , , , , , , ,

Related Posts

Meta’s Llama Firewall Bypassed Using Prompt Injection Vulnerability Meta’s Llama Firewall Bypassed Using Prompt Injection Vulnerability Cyber Security News
Arizona Attorney General Suses Chinese E-commerce Retailer Temu Over Data Theft Claims Arizona Attorney General Suses Chinese E-commerce Retailer Temu Over Data Theft Claims Cyber Security News
Kali Linux 2025.4 Released With 3 New Hacking Tools and Wifipumpkin3 Kali Linux 2025.4 Released With 3 New Hacking Tools and Wifipumpkin3 Cyber Security News
Pro-Iranian Hacktivists Targeting US Networks Department of Homeland Security Warns Pro-Iranian Hacktivists Targeting US Networks Department of Homeland Security Warns Cyber Security News
STX RAT Emerges as a Stealthy Cyber Threat STX RAT Emerges as a Stealthy Cyber Threat Cyber Security News
NightSpire Ransomware Group Claims to Exploit The Vulnerabilities of Orgs to Infiltrate Their Systems NightSpire Ransomware Group Claims to Exploit The Vulnerabilities of Orgs to Infiltrate Their Systems Cyber Security News