Microsoft has announced that the phase-out of NT LAN Manager (NTLM) is now transitioning to disabling the protocol by default, in an effort to increase security in Windows 11 and Windows Server.
NTLM is a series of security protocols that were introduced in the 1990s, but since Kerberos became the default protocol in Windows 2000, its use has declined with each passing year.
Still, many legacy enterprise systems still support or use NTLM, making them vulnerability to NTLM relay attacks, for example. And while Microsoft administrators have been preparing for the demise of NTLM for years, many still struggle to rid their networks of the protocol.
In recent years, hackers have exploited NTLM flaws to gain full access to networks, so the disadvantages of supporting it outweigh the advantages. Microsoft now considers NTLM deprecated.
A timetable for the deactivation can be found on the Windows IT Pro Blog.