Is there any way to enable/convert an NTLM hash for a user account on Windows 7 to a LM hash? I know it's not secure, but I am trying to test something. Is it even possible?
Asked
Active
Viewed 5,556 times
1 Answers
3
NT hashes are NTLM hashes.
If you meant LM hashes, you can enable them via Group Policy (secpol.msc), but the changes will only apply after setting a new password – you cannot convert an existing hash to a weaker one. (This should be somewhat obvious, since the hashing would be entirely pointless if that was possible.)
u1686_grawity
- 426,297
- 64
- 894
- 966
-
Where would I go in the Group Policy? – Matt Sep 27 '11 at 18:50
-
1Under *Local Policies → Security*, set "Network security: Do not store LAN Manager hash" to "Disabled". Optionally, adjust "Network security: LAN Manager authentication level" to accept and/or send LM in addition to NTLM. (Note that this is very insecure and must be reverted after tests.) – u1686_grawity Sep 27 '11 at 18:57