Microsoft restricts NTLM usage in Windows

Microsoft announced significant changes to Windows security in June 2026 that will affect authentication methods. As part of these changes, the use of NT LAN Manager (NTLM) will be heavily restricted. This measure is part of a comprehensive plan to improve the security of Windows systems and reduce reliance on outdated technologies.

The new authentication features will initially be introduced in the Canary Channel of the Insider Program. This allows Microsoft to gather feedback from users and identify any issues early on before the changes are rolled out more broadly. The decision to restrict NTLM comes at a time when cyberattacks are becoming increasingly complex and sophisticated.

Background on NTLM

The NT LAN Manager (NTLM) is an authentication protocol that has been used in Windows operating systems since the early 1990s. Although it was widely used in the past, NTLM is now considered outdated and vulnerable to various security risks. Microsoft has previously taken steps to reduce the use of NTLM by promoting more modern protocols like Kerberos.

The restriction of NTLM is part of Microsoft's long-term strategy to enhance the security of its products. With the introduction of new authentication features, it is expected that businesses and organizations will be able to utilize more secure alternatives to NTLM. This could be particularly significant for companies that rely on outdated systems and whose security standards no longer meet current requirements.

Impact on Businesses and Users

The changes could have significant impacts on businesses that still rely on NTLM. Many organizations may need to update or adapt their systems to support the new authentication features. This could require additional costs and resources to ensure the migration to modernized security protocols.

For end users, the transition to new authentication methods may not be immediately noticeable, as Microsoft plans to roll out the changes gradually. Nevertheless, it is important for businesses and IT departments to proactively address the new requirements to ensure a smooth transition. The security of user data and corporate information remains a top priority.

The new features will be tested as part of the Insider Program, meaning they will initially be available to a selected group of users. Microsoft will use the feedback from these users to further optimize the features before they are released to the general public. This is a common approach by Microsoft to ensure that new features are stable and user-friendly.

The decision to heavily restrict NTLM is part of a larger trend in the IT industry focused on improving cybersecurity. Companies worldwide are increasingly challenged to revise and modernize their security protocols to counter the ever-evolving threats posed by cybercrime. Microsoft's initiative could serve as an example for other companies looking to take similar steps towards a more secure IT infrastructure.

The new authentication features are also expected to improve usability by providing safer and more efficient methods for authentication. Microsoft is committed to optimizing the user experience while simultaneously raising security standards. The exact details of the new features are expected in the coming weeks as Microsoft releases more information.