Microsoft Urges Users to Finally Ditch NTLM Authentication

Seeking to Add Urgency, Mandiant Publishes Rainbow Tables for NTLM Key Hashes Mathew J. Schwartz (euroinfosec) • February 5, 2026

Organizations clinging to a Microsoft suite of authentication protocols long supplanted by a faster and more secure alternative are under renewed pressure to give up the NTLM ghost.

See Also: Segmentation and Zero Trust: The Maturity Challenge

Microsoft officially deprecated all versions of NTLM in June 2024 - but the feature has still been available, even if it's no longer under active development.

The computing giant said late last month it will now disable NTLM by default in the next version of Windows Server. It encouraged users to use recently-released auditing tools for ferreting out how and where the protocol is being used. Microsoft urged organizations to "map dependencies across applications and services," working with their vendors when necessary, as part of their first phase of ditching every flavor ...