After Microsoft decided to eliminate 1024-bit TLS in Windows 11, it is the turn of another function that has been with us for years in previous versions of the operating system. This is the payload method in passwords, and the reason for stopping its support is none other than to improve security. A plan that they have been carrying out for a few months and which leaves behind obsolete technologies.
For those less familiar with the technology, a payload is nothing more than information or content sent within a communication, in this case, within a communication. Built-in Windows functions such as NPLogonNotify and NPPasswordChangeNotify. Both Windows services are commonly used and known for a long time, and as I said, they have been with us for a long time, so they both contain information about the login or password change event, such as the username, domain, date and time, etc., but not the password itself.
APIs will be available for a while, but not long
Thus, Redmond has confirmed that after the arrival of Windows 11 version 24H2 at the end of the year, developers will not be able to use these functions for their applications, which will force them to use other types of communications with the Windows device to be able to work with passwords.
And, according to the company, using the NPLogonNotify and NPPasswordChangeNotify APIs presents potential risks of password exposure and collection
Along with this feature, There would be three that Microsoft would charge all at once in their new compilations. The Americans seem very determined to improve the security of their users. If you are a developer, don’t worry, you will still have some time before this API is no longer operational because initially official support will cease, and subsequently they will no longer be compatible. But until then, a few months will pass and we hope to leave in mid-2025.
