Forum Discussion

TherealKillerbe's avatar
TherealKillerbe
Copper Contributor
Mar 19, 2024

NTLMv1 authentication

I know this is long overdue, but in pursuit.

I have identified our Radius servers (Windows Server 2019 NPS) as the main source of NTLMv1 authentications taking place. I want to disable NTLMv1 and LM, and enforce at least NTLMv2 within our Windows Environment.

 

The radius servers are used to provide network access, wired and wireless. How can we make sure that NTLMv1 is no longer used?

 

Active Directory
Networking
Windows Server

1 Reply

Sort By
  • yanqian's avatar
    yanqian
    Copper Contributor
    Jul 06, 2025

    Please refer to this article, you can enable NTLMv2 authentication by adding this registry entry.

    VPN connections fail when using the MS-CHAPv2 authentication - Windows Server | Microsoft Learn

    1. Select Start > Run, type regedit in the Open box, and then select OK.
    2. Locate and select the following registry subkey:
      HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RemoteAccess\Policy
    3. On the Edit menu, point to New, and then select DWORD Value.
    4. Type Enable NTLMv2 Compatibility, and then press ENTER.
    5. On the Edit menu, select Modify.
    6. In the Value data box, type 1, and then select OK.
    7. Exit Registry Editor.

Resources