PingSentry   |   Blog   |   System32   |   GitHub   |   Free tools
Server Monitoring with EventSentry
  • Features
    EventSentry v5.0 New Features
    Event Log Monitoring SIEM to the core
    Validation Scripts
    Health Monitoring
    Compliance
    ADMonitor
    ADMonitor
    Reporting
    Log File Monitoring
    Network
    Enviroment
    Environment
    Notifications
    Consolidation
    EventSentry_logo_color_badge

    Why EventSentry?
  • Solutions
    Finance & Banking
    Event Log Monitoring
    Government
    CMMC
    Healthcare
    HIPAA
    Education
    IT Security
  • Downloads
    Evaluation
    Download EventSentry
    EventSentry Light
    EventSentry Light
    Admin Assistant
    Admin Assistant
    SysAdmin Tools
    Roadmap
    Roadmap
    EventSentry History
    Version History


    FREE
    Fully Functional Evaluation
    Download Now
  • Support
    Knowledge Base
    Knowledge Base
    How-to Guides
    EventSentry Documentation
    Documentation
    How To's
    Tutorials
    EventSentry Screencasts
    Screencasts
    EventSentry Support
    Request Support
    EventSentry Documentation

    EventSentry v5.0.1 Documentation
  • Purchase


    Product Sheet
    EventSentry Pricing
    Pricing
    EventSentry Quote
    Request a quote
    Request Demo
    Schedule a demo
    Testimonials
    Testimonials
Login Download

Passwords: Storing LAN Manager hash

8fbc83d9-7409-41aa-bf3c-a2360a8d9749

The LAN Manager hash is relatively weak and prone to attacks compared to the cryptographically stronger NTLM hash. Because the LM hash is stored on the local device in the security database, the passwords can be compromised if the security database, Security Accounts Manager (SAM), is attacked.

https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change

Remediation

https://support.microsoft.com/en-us/help/299656/how-to-prevent-windows-from-storing-a-lan-manager-hash-of-your-passwor

Stig Server: 2016 - https://www.stigviewer.com/stig/microsoft_windows_server_2016/2021-09-29/finding/V-225053
2019 - https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93467
Stig Desktop: https://www.stigviewer.com/stig/windows_10/2019-01-04/finding/V-63797
https://www.stigviewer.com/stig/windows_10/2021-03-10/finding/V-220937



Tags

stig-high-server stig-high-desktop compliance-desktop compliance-server security-desktop security-server server desktop
  • Knowledge Base
  • Documentation
  • Tutorials
  • Screencasts
  • Validation Scripts
  • Support Center

Resources
  • Tutorials
  • Screencasts
  • Knowledge Base
  • Blog
  • Solutions
  • Support Center
  • MyEventlog
  • System32
About
  • About Us
  • Live Demo
  • In the Press
  • Testimonials
  • Our Customers
  • Our SysAdmin Promise
  • NETIKUS.NET ltd
Contact Us
  • 1-877-NETIKUS
  • 1-312-624-7698
  • sales@netikus.net
  • support@netikus.net

MON-FRI, 8AM-5PM CST


Social
  • EventSentry Facebook EventSentry LinkedIn EventSentry Twitter EventSentry YouTube
Copyright (c) 2002-2023 NETIKUS.NET ltd | Server Monitoring | Event Log Monitoring | Network Monitoring

NETIKUS.NET ltd is a software development company based in Chicago, IL
All rights reserved. This website www.eventsentry.com is part of the www.netikus.net network

XHTML   |   Privacy Policy