LAN Manager Hash

What Does LAN Manager Hash Mean?

The LAN manager hash (LANMAN hash) is an encryption mechanism implemented by Microsoft prior to its release of NTLM. The LANMAN hash was advertised as a one-way hash that would allow end users to enter their credentials at a workstation, which would, in turn, encrypt said credentials via the LANMAN hash.

Advertisements

Techopedia Explains LAN Manager Hash

It turns out that the LANMAN hash is not a true one-way hash. First, regardless of how the end user entered his password, the LANMAN hash would convert the characters into uppercase. Then, if the password was less than 14 characters, the password was null padded to 14 bytes. (This simply means that the hash would add characters to an end user’s password in the event that the selected password was too short). The hash then split the 14 characters into halves, and each 7-byte half was used by the Data Encryption Standard (DES) as two separate keys. This effectively created two 7-byte hashes that were considerably weaker than say, a 14-byte hash, and hackers quickly found that the LANMAN hash was very susceptible to brute force attacks.

Microsoft has since replaced the LANMAN hash with NTLM, and then the Kerberos protocol. However, LANMAN is still available in newer systems in order to allow for backward compatibility with legacy systems.

Advertisements

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…

All Posts by Margaret Rouse

Most Popular Term

Cybersecurity

Formjacking

What is Formjacking? Formjacking is the software equivalent of credit card skimming. It is a portmanteau combining "form" with part...

Full Explanation

Marshall GunnellTechnology Writer

Advertisements

Cybersecurity

Threat Actor

What is a Threat Actor? A threat actor is a term given to describe an entity that can potentially attack...

Full Explanation

Tim KearyTechnology Expert

Cybersecurity

Blagging (Cybersecurity)

What Is Blagging? Blagging is a slang term used to collect someone's personal and confidential information without that person's consent. It's...

Full Explanation

Kuntal ChakrabortyTechnology Writer

Related News

dummy_img

Artificial Intelligence

Google Gemini AI Reactions – Strong Praise, But Questions to Answer

Ray Fernandez12 years

dummy_img

Artificial Intelligence

AI in Biotechnology: The Big Interview with Dr Fred Jordan, Co-Founder of FinalSpark

Maria Webb12 years

dummy_img

Cybersecurity: How to Demonstrate Resilience and Hygiene

Assad Abbas12 yearsTenured Associate Professor

dummy_img

Featured Content

Introducing Green Bitcoin $GBTC: Earn Sustainable Rewards for Accurate Bitcoin Price Predictions.

Alan Draper12 yearsEditor-in-Chief

dummy_img

Bitcoin, USD, and the Changing World Order

Mensholong Lepcha12 yearsCrypto & Blockchain Writer

dummy_img

Artificial Intelligence

Software Development and AI: Will We Enter a No-Code World?

Nicole Willing12 yearsTechnology Writer

Popular Categories
Show All

Artificial Intelligence

Password Managers

Project Management