NTLM is a Microsoft network authentication protocol that is based on a Challenge/Response security mechanism. NTLM uses information gathered during an interactive logon process to authenticate users. The information used is a domain name, a user name, and a one-way hash of the user password. NTLM uses encrypted Challenge/Response that does not require the user password to be sent over the network. Rather the system requesting authentication has to perform a calculation on the hash to prove it has access to the secured NTLM credentials. The Microsoft Kerberos Security package has better security than NTLM and is often used in preference.