Authentication is the means by which a user is identified and authorized. Telnet Server supports two methods of authentication: NTLM and plain-text.
If you use NTLM authentication, Windows-based clients use the Windows security context for authentication, and the user is not prompted for a user name and password. The user name and password are encrypted.
If you configure Telnet Server not to use NTLM authentication, or if the client does not support NTLM authentication, the user name and password are sent to the Telnet server as plain text. Anyone capturing the packets of the authentication process can easily read the password and use it to gain unauthorized access to your network. The use of plain-text authentication is therefore highly discouraged, especially for virtual private network connections.
If User Must Change Password at Next Logon is set for a user, an attempt to log on to the Telnet server fails when NTLM authentication is used. The user must log on to the server directly and change the password, and then log on through Telnet.
Because of a limitation of NTLM authentication mechanism, if you connect to Telnet Server using NTLM authentication, execution of commands which require user credentials will fail unless you provide your user name and password again. For example, you will not be able to access additional network resources using net use unless you provide your user name and password on the command line.
For information about how to set authentication methods, see To set authentication methods.