Microsoft Phasing Out NTLM in Favor of Kerberos for Enhanced Authentication and Security in Windows 11
- 2023年10月17日
- 技術情報
Microsoft has revealed its plan to phase out NT LAN Manager (NTLM) authentication in Windows 11 to enhance security and focus on bolstering the Kerberos authentication protocol. This move includes the introduction of features like Initial and Pass Through Authentication Using Kerberos (IAKerb) and a local Key Distribution Center (KDC) for Kerberos in Windows 11.
NTLM, a security protocol from the 1990s, was originally designed for user authentication, integrity, and confidentiality. However, it has been replaced by Kerberos since Windows 2000, though it continues to be used as a fallback option. NTLM relies on a three-way handshake for user authentication and uses password hashing, while Kerberos employs a two-part process with encryption.
NTLM has been found to have inherent security weaknesses and is vulnerable to relay attacks, which could potentially allow unauthorized access to network resources.
Microsoft is actively working to address hard-coded NTLM instances in its components as part of its preparation to disable NTLM in Windows 11. These changes will be enabled by default, with no need for additional configuration in most scenarios. NTLM will still be available as a fallback for maintaining compatibility with existing systems.
Asahi
waithaw at 2023年10月17日 10:00:00
大人が楽しめるヒーリング絵本河童のカパと静かな森
パワースポット 日本三大神滝布引の滝
佐藤・広幸ドイツ魂
Himeji Castle姫路城
ボイドタイムお知らせアプリVoid Time 〜月を無視できない〜
撮った写真をカレンダーに撮りカレ
ライブ壁紙竹田城ライブ壁紙
赤ちゃんにっこりBaby+Smile
電子書籍[for iPhone]ターラのアストロロジー
Windows機からiSCSIターゲットに接続する
Organizing the Files easily with Python
[Google AI Studio] Temperatureについて
Copilot key on Microsoft’s new Surface devices