Re: Win2K3 Password Hashing Algorithm

Giganews Newsgroups
Subject: Re: Win2K3 Password Hashing Algorithm
Posted by:  jwgoerli…@gmail.com
Date: Thu, 28 Jun 2007

Windows 2003/XP has three methods: LM (MD4), NTLM hash (MD4), and
NTLMv2 (MD5). Only NTLMv2 is needed. The rest are for backwards
compatibility.

You can use only NTLMv2 by using the "LAN Manager authentication
level" group policy setting. This is under:

Computer Configuration > Windows Settings > Security Settings > Local
Policies > Security Options

Regards,

J Wolfgang Goerlich

On Jun 28, 10:36 am, Alan Mott <AlanM.…@discussions.microsoft.com>
wrote:
> Does anyone out there know what hashing algorithm Win2K3 server/XP uses as
> part of its authentication process? I'm given to understand that the NT Hash
> is based on MD4. I find it hard to believe that Windows still appears to be
> using a discredited hashing algorithm for its authentication, and hasn't
> moved on to using MD5, Diffie-Hellman or SHA-1.

Replies

None

In response to

Win2K3 Password Hashing Algorithm posted by Alan Mott on Thu, 28 Jun 2007