!!! Overview
[{$pagename}] relies on the [NT hash] of the [password], which is calculated by using an unsalted [MD4] [hash algorithm|Hash Function].

%%warning
The security of [MD4], and therefore of [{$pagename}], has been __severely__ compromised. [MD4] is considered [Cryptographically Weak] and lacks [Collision Resistance].
%%

[{$pagename}], introduced in [Windows Server NT] 4.0 SP4, is a [password-based] [challenge-response Authentication Mechanism].

[{$pagename}] is intended as a cryptographically strengthened replacement for [NTLMv1].

[{$pagename}] was natively supported in [Windows Server 2000]. It enhances [NTLM] security by hardening the protocol against many spoofing attacks and by adding the ability for a server to authenticate to the client.

[{$pagename}] sends two responses to an 8-byte server challenge. Each response contains a 16-byte [HMAC-MD5] hash of the server challenge, a fully/partially randomly generated client challenge, and an [HMAC-MD5] hash of the user's [password] and other identifying information.

The two responses differ in the format of the client challenge. The shorter response uses an 8-byte random value for this challenge. To verify the response, the server must receive the client challenge as part of the response. For this shorter response, the 8-byte client challenge appended to the 16-byte response makes a 24-byte package, which is consistent with the 24-byte response format of the previous [NTLMv1] protocol. In certain non-official documentation (e.g. DCE/RPC Over SMB, Leighton) this response is termed LMv2.

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [NT_LAN_Manager|Wikipedia:NT_LAN_Manager/|target='_blank'] - based on information obtained 2016-06-12