Passwords: Storing LAN Manager hash | EventSentry

PingSentry | Blog | System32 | GitHub | Free tools

Passwords: Storing LAN Manager hash

8fbc83d9-7409-41aa-bf3c-a2360a8d9749

The LAN Manager hash is relatively weak and prone to attacks compared to the cryptographically stronger NTLM hash. Because the LM hash is stored on the local device in the security database, the passwords can be compromised if the security database, Security Accounts Manager (SAM), is attacked.

https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change

Remediation

https://support.microsoft.com/en-us/help/299656/how-to-prevent-windows-from-storing-a-lan-manager-hash-of-your-passwor

Stig Server: 2016 - https://www.stigviewer.com/stig/microsoft_windows_server_2016/2021-09-29/finding/V-225053
2019 - https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93467
Stig Desktop: https://www.stigviewer.com/stig/windows_10/2019-01-04/finding/V-63797
https://www.stigviewer.com/stig/windows_10/2021-03-10/finding/V-220937

Tags

stig-high-server stig-high-desktop compliance-desktop compliance-server security-desktop security-server server desktop