LAN Manager Hash

Why Trust Techopedia

What Does LAN Manager Hash Mean?

The LAN manager hash (LANMAN hash) is an encryption mechanism implemented by Microsoft prior to its release of NTLM. The LANMAN hash was advertised as a one-way hash that would allow end users to enter their credentials at a workstation, which would, in turn, encrypt said credentials via the LANMAN hash.

Advertisements

Techopedia Explains LAN Manager Hash

It turns out that the LANMAN hash is not a true one-way hash. First, regardless of how the end user entered his password, the LANMAN hash would convert the characters into uppercase. Then, if the password was less than 14 characters, the password was null padded to 14 bytes. (This simply means that the hash would add characters to an end user’s password in the event that the selected password was too short). The hash then split the 14 characters into halves, and each 7-byte half was used by the Data Encryption Standard (DES) as two separate keys. This effectively created two 7-byte hashes that were considerably weaker than say, a 14-byte hash, and hackers quickly found that the LANMAN hash was very susceptible to brute force attacks.

Microsoft has since replaced the LANMAN hash with NTLM, and then the Kerberos protocol. However, LANMAN is still available in newer systems in order to allow for backward compatibility with legacy systems.

Advertisements

Related Terms

Margaret Rouse
Technology Specialist
Margaret Rouse
Technology Specialist

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.