Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due to security vulnerabilities that expose organizations to cyberattacks.

February 2026 Patch Tuesday restricts Windows credential autofill to fix a Windows Hello input injection flaw (CVE-2026-20804).

Microsoft is preparing one of the most consequential security shifts in Windows in decades, turning off NTLM authentication ...

Microsoft has blocked credential autofill on Windows 11 to address CVE-2026-20804, a Windows Hello vulnerability allowing biometric injection attacks.

Finally, with Windows Server 2025 and Windows 11 24H2, Microsoft is taking a definitive step to eliminate an historical security weakness: NTLM v1 is being completely removed! It was already disabled ...

A fix introduced into Windows last month to close a weakness in Kerberos authentication is causing logon failures for some Windows Hello for Business (WHfB) users, Microsoft has warned. In theory, the ...

Update: Republished on March 30 with news of a workaround to new sign-in requirements and more passkey information. All change for Microsoft. The company has suddenly ...

Microsoft says the April 2025 security updates are causing authentication issues on some Windows Server 2025 domain controllers. The list of impacted platforms includes Windows Server 2016, Windows ...

A comprehensive developer guide to implementing secure authentication in modern applications. Covers OAuth 2.0, OIDC, passwordless authentication, passkeys, and enterprise SSO with production-ready ...

Microsoft will disable NTLM support in upcoming Windows releases and enhance Kerberos and Windows authentication to reduce ...

Future Windows updates will disable NTLM authentication, bolstering security and protecting users against legacy protocol ...