In a bid to improve security, Microsoft deprecates NTLM in Windows 11

Microsoft is introducing a host of security-oriented changes to Windows 11, the most notable being the deprecation of NTLM (NT LAN Manager) in the second half of 2024.

Microsoft’s official blog post, while discussing the change, reads,

Deprecating NTLM has been a huge ask from our security community as it will strengthen user authentication, and deprecation is planned in the second half of 2024.

For the unversed, NTLM is an outdated Microsoft protocol that’s regularly exploited by threat actors across the globe. Cyber experts have long raised concerns about the security aspects of NTLM.

In the recent past, Microsoft rolled out several changes to reduce dependence on NTLM, for instance, the two new authentication methods in Windows 11. It included Kerberos, a far more secure alternative!

While announcing the new authentication methods in Oct’23, Microsoft confirmed it plans to eliminate the use of NTLM amongst Windows users. It appears that the task will be achieved by the end of 2024.

Other notable changes to Windows 11 security include support for passkey in Windows Hello, Local Security Authority protection, Smart App Control, Trusted Signing, Win32 app isolation, and VBS enclaves, amongst others.

These new capabilities won’t just protect your PC against cyberattacks but also from localized threats like apps and drivers. Microsoft also recently introduced Zero Trust DNS to block encrypted traffic from malware.

What other security-oriented changes do you want Microsoft to implement? Share with our readers in the comments section.