← Cybersecurity Alphabet Soup

NTLM

NT LAN Manager

identitymedium

NTLM is a legacy Microsoft challenge-response authentication protocol that predates Kerberos in Windows networks. It is vulnerable to relay and pass-the-hash attacks because the password hash itself acts as the credential. Attackers still abuse it constantly, and Microsoft is actively deprecating it, so disabling NTLM where possible is a common hardening step.

Sources

More in identity