NTLM

NTLM stands for NT LAN Manager, a Microsoft authentication protocol.

Description

NTLM is a challenge-response authentication protocol used by Microsoft to authenticate clients and servers in a Windows environment. Initially introduced in the early 1990s, NTLM was designed to replace the older LAN Manager (LM) protocol and provides a more secure method of authenticating users. NTLM verifies a user's identity through a challenge-response exchange built on hashed passwords, so the actual password is never sent over the network. While NTLM provides a basic level of security, it has known vulnerabilities, particularly to relay attacks and brute-force cracking. As a result, it is often recommended to use more secure protocols, such as Kerberos, in environments where enhanced security is required. However, NTLM remains in use for backward compatibility with older systems and applications. Understanding NTLM is crucial for managing Non-Human Identities (NHIs) in environments where service accounts or automated processes require authentication.

Examples

  • Service accounts in Windows Server environments may use NTLM for authentication.
  • Legacy applications that do not support Kerberos may rely on NTLM for user authentication.

Additional Information

  • NTLM is less secure than modern authentication methods like Kerberos.
  • It is important to monitor and manage NTLM usage to mitigate security risks.
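
One way to act on the monitoring point above, as an added example that is not part of the original page: it inventories which accounts still log on with NTLM from Windows Security event 4624 records and lists NTLMv1 users and service accounts first. The sample events, host names and the `svc_` naming convention are constructed assumptions.

```python
import json
from collections import defaultdict

# Constructed sample: Security event 4624/4625 records flattened to JSON by a
# log pipeline. Every account and host name below is made up.
SAMPLE = json.loads("""[
 {"EventID":4624,"TargetUserName":"svc_backup","AuthenticationPackageName":"NTLM","LmPackageName":"NTLM V2","WorkstationName":"APP01"},
 {"EventID":4624,"TargetUserName":"svc_backup","AuthenticationPackageName":"NTLM","LmPackageName":"NTLM V2","WorkstationName":"APP02"},
 {"EventID":4624,"TargetUserName":"svc_legacyerp","AuthenticationPackageName":"NTLM","LmPackageName":"NTLM V1","WorkstationName":"ERP-OLD"},
 {"EventID":4624,"TargetUserName":"carol","AuthenticationPackageName":"NTLM","LmPackageName":"NTLM V2","WorkstationName":"WS12"},
 {"EventID":4624,"TargetUserName":"alice","AuthenticationPackageName":"Kerberos","LmPackageName":"-","WorkstationName":"-"},
 {"EventID":4624,"TargetUserName":"ANONYMOUS LOGON","AuthenticationPackageName":"NTLM","LmPackageName":"NTLM V1","WorkstationName":"WS07"},
 {"EventID":4625,"TargetUserName":"bob","AuthenticationPackageName":"NTLM","LmPackageName":"-","WorkstationName":"WS03"}
]""")

SERVICE_PREFIX = "svc_"  # assumed naming convention for service accounts


def summarize_ntlm(events):
    """Per-account NTLM use from 4624 events: count, versions, source hosts."""
    usage = defaultdict(lambda: {"count": 0, "versions": set(), "sources": set()})
    for ev in events:
        pkg = ev.get("AuthenticationPackageName", "").upper()
        lm = ev.get("LmPackageName", "-")
        if ev.get("EventID") != 4624 or not (pkg == "NTLM" or lm.upper().startswith("NTLM")):
            continue  # keep only successful logons authenticated with NTLM
        user = ev.get("TargetUserName", "").lower()
        if user in ("", "anonymous logon"):
            continue  # anonymous sessions name no account to migrate
        usage[user]["count"] += 1
        usage[user]["versions"].add(lm)
        usage[user]["sources"].add(ev.get("WorkstationName", "-"))
    return dict(usage)


def prioritize(usage):
    """Order accounts for review: NTLMv1 users first, then service accounts."""
    rows = []
    for user, u in usage.items():
        rows.append({"account": user, "ntlmv1": "NTLM V1" in u["versions"],
                     "service": user.startswith(SERVICE_PREFIX),
                     "logons": u["count"], "sources": sorted(u["sources"])})
    return sorted(rows, key=lambda r: (not r["ntlmv1"], not r["service"], r["account"]))


if __name__ == "__main__":
    for row in prioritize(summarize_ntlm(SAMPLE)):
        print(row)
```

The source hosts listed per account show which systems would need to support Kerberos before NTLM can be restricted for that account.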
