312-50V10 · Question #327
What statement is true regarding LM hashes?
The correct answer is D. LM hashes are not generated when the password length exceeds 15 characters.. LM hashes have several well-known weaknesses; among the choices, the technically accurate statement is that Windows does not generate a real LM hash when the password length exceeds a set threshold.
Question
What statement is true regarding LM hashes?
Options
- ALM hashes consist in 48 hexadecimal characters.
- BLM hashes are based on AES128 cryptographic standard.
- CUppercase characters in the password are converted to lowercase.
- DLM hashes are not generated when the password length exceeds 15 characters.
How the community answered
(48 responses)- A2% (1)
- B4% (2)
- C6% (3)
- D88% (42)
Why each option
LM hashes have several well-known weaknesses; among the choices, the technically accurate statement is that Windows does not generate a real LM hash when the password length exceeds a set threshold.
LM hashes produce a 32 hexadecimal character output, not 48 - they consist of two concatenated 16-character DES-based values.
LM hashes are based on DES (Data Encryption Standard), not AES128 - this is a fundamental property of the legacy LAN Manager authentication protocol.
LM hashing converts all password characters to uppercase before processing, not lowercase - this uniformity is one of the reasons the scheme is so weak.
When a Windows account password exceeds 14 characters, the system stores a static dummy LM hash value rather than computing a real one, effectively disabling the weaker LM hash for long passwords. This behavior is a built-in mitigation because LM hashing splits passwords into two 7-character chunks and is trivially brute-forced. The question states 15 characters, which is slightly imprecise (the actual cutoff is 14), but D is the only factually defensible choice among the options.
Concept tested: LM hash properties, limitations, and password length behavior
Source: https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change
Topics
Community Discussion
No community discussion yet for this question.