Politecnico di Torino
In this paper, the authors investigate some authentication mechanisms used in windows. In particular, the NTLM authentication protocol, which is commonly used in several solutions from Microsoft, is analyzed. The NTLM authentication is completely unsafe in several variants of use and some of its weaknesses previously known. A critical analysis is done, the weaknesses are explained and the safe solutions are underlined. As a practical example it is shown how the NTLM authentication from SharePoint based portals can be exploited to steal passwords and how to configure the NTLM for a safe use.