NTLM authentication: still broken after all these years
Source: The Register UK - Posted by Alex   
Host Security A 15-year-old vulnerability in technology used to authenticate users on Windows and Unix networks continues to put the organizations that rely on it at risk, a security researcher said on Thursday. Short for NT LAN Manager, NTLM and its offspring, NTLMv2, is a challenge-and-response protocol for logging onto Microsoft accounts over Windows or Unix networks. While it encrypts credentials to prevent them from being captured, it still leaves much to be desired from a security perspective, says Marsh Ray, a researcher who was scheduled to speak about the weakness on Thursday at the Usenix Security Symposium in Washington, DC.

“The deeper problem is that NTLMv1-2 provide absolutely no protection against credentials forwarding/relay or reflection attacks,” Ray, who is a software developer at two-factor authentication service PhoneFactor, wrote in an email sent to journalists. “This means that an active attacker (such as a man-in-the-middle) is sometimes able to redirect the login of the legitimate user to authenticate his own session.

Read this full article at The Register UK

Only registered users can write comments.
Please login or register.

Powered by AkoComment!