Microsoft is actively working to enhance user authentication by bolstering the reliability and flexibility of Kerberos while reducing its reliance on the older NT LAN Manager (NTLM) authentication protocol. Kerberos has been the default Windows authentication protocol since the turn of the millennium, but there are still scenarios where it proves inadequate, causing Windows to resort to NTLM.  Document FREE Demo Deploy Advanced AI-Powered Email Security Solution Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware Free Demo To address these situations, Microsoft is introducing new features for Windows 11, such as Initial and Pass Through Authentication Using Kerberos (IAKerb) and a local Key Distribution Center (KDC) for Kerberos.  These innovations aim to expand Kerberos’ usability and security, ultimately diminishing the need for NTLM.

Source: GBHackers