The NTLM protocol was conceived to connect several Windows machines to one another or to a server. The protocol provides security through the monitoring of clients’ access rights. Windows uses NTLM as a single sign-on process (SSO); users only have to log in once to then have access to various applications within the domain.
NTLM is now considered outdated, and Microsoft uses Kerberos instead. This newer authentication protocol is more secure. However, NTLM is still in use, especially to support older services. If you are an administrator of a larger network, it may be advisable to stop using the NTLM protocol where it is not necessary. This will help to ensure that no client unintentionally logs in to the network while using it, thereby creating a potential security breach.