FAQ: Why Was the NTLM Framework Removed from Cincom Smalltalk?
Some Cincom Smalltalk users have noted that the NTLM framework was removed from the product and wondered why. The reason for the removal of NTLM was that Microsoft no longer recommends NTLM in applications:
“Implementers should be aware that NTLM does not support any recent cryptographic methods, such as AES or SHA-256. It uses cyclic redundancy check (CRC) or message digest algorithms (RFC1321) for integrity, and it uses RC4 for encryption. Deriving a key from a password is as specified in RFC1320 and FIPS46-2. Therefore, applications are generally advised not to use NTLM.”
Currently, supported AUTH schemes are:
We recommend using all of them over a secure connection.