Home / Technology / NTLMv1 Weakness: Passwords Cracked in Hours
NTLMv1 Weakness: Passwords Cracked in Hours
17 Jan
Summary
- A new database allows cracking of NTLMv1 hashed passwords.
- This tool enables password recovery in under 12 hours.
- Legacy systems in healthcare and industry still use NTLMv1.
Security experts have unveiled a powerful new tool designed to crack passwords protected by Microsoft's NTLMv1 hashing algorithm. This development, spearheaded by security firm Mandiant, involves a readily accessible rainbow table hosted on Google Cloud. The tool dramatically reduces the time and resources required to expose NTLMv1-protected credentials, making them vulnerable to compromise in under 12 hours with affordable consumer hardware.
The continued use of NTLMv1, despite its long-recognized security flaws dating back to research published in 1999, is a significant concern. Many organizations, especially in critical sectors like healthcare and industrial control, still rely on this outdated protocol due to dependencies on legacy applications that cannot be easily updated. The migration process for mission-critical systems also presents substantial challenges related to potential downtime and cost.
Mandiant's release aims to equip security professionals with a practical demonstration of NTLMv1's insecurity, encouraging faster migration to more robust security measures like NTLMv2. Microsoft itself only announced plans to deprecate NTLMv1 recently, highlighting the slow pace of adopting updated security protocols across the industry, leaving many organizations exposed to trivial credential theft.
