312-50V11 · Question #327
What statement is true regarding LM hashes?
The correct answer is D. LM hashes are not generated when the password length exceeds 15 characters.. LM (LAN Manager) hashes have well-known weaknesses, including not being generated at all when the Windows password exceeds 14 characters.
Question
What statement is true regarding LM hashes?
Options
- ALM hashes consist in 48 hexadecimal characters.
- BLM hashes are based on AES128 cryptographic standard.
- CUppercase characters in the password are converted to lowercase.
- DLM hashes are not generated when the password length exceeds 15 characters.
How the community answered
(23 responses)- A4% (1)
- C4% (1)
- D91% (21)
Why each option
LM (LAN Manager) hashes have well-known weaknesses, including not being generated at all when the Windows password exceeds 14 characters.
LM hashes are 32 hexadecimal characters long (128-bit output split into two 64-bit halves), not 48 characters.
LM hashes are based on DES (Data Encryption Standard), not AES128.
LM hashing converts lowercase characters to UPPERCASE before hashing, not the reverse, which reduces the keyspace and weakens the hash.
Windows does not generate an LM hash when a password is longer than 14 characters; instead, only an NT hash is stored. This is a security behavior where Microsoft effectively disables the weaker LM hash for long passwords, making the account more resistant to LM-based cracking attacks.
Concept tested: LM hash algorithm behavior and limitations
Source: https://learn.microsoft.com/en-us/troubleshoot/windows-server/windows-security/prevent-windows-store-lm-hash-password
Topics
Community Discussion
No community discussion yet for this question.