NTLM generally refers to the NT hash (MD4 hash of UTF-16-LE encoded password), which is the default hash format used by modern Windows systems. The NT hash is an evolution of the much weaker LM (LAN Manager) hash, which only supports passwords of at most 14 characters (so, either pad nulls or truncate to satisfy the length requirement) and converts the password to uppercase before hashing, making LM hashes very easy to crack. In network authentication, NetNTLM (v1/v2) is used instead to prevent sending hashes directly. Nonetheless, if a user’s hash is leaked, it can be used in NetNTLM authentication (pass-the-hash) without having to know the plaintext.