--- title: Network security Minimum session security for NTLM SSP based (including secure RPC) clients (Windows 10) description: Describes the best practices, location, values, policy management and security considerations for the Network security Minimum session security for NTLM SSP based (including secure RPC) clients security policy setting. ms.assetid: 89903de8-23d0-4e0f-9bef-c00cb7aebf00 ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library author: brianlic-msft --- # Network security: Minimum session security for NTLM SSP based (including secure RPC) clients **Applies to** - Windows 10 Describes the best practices, location, values, policy management and security considerations for the **Network security: Minimum session security for NTLM SSP based (including secure RPC) clients** security policy setting. ## Reference This policy setting allows a client device to require the negotiation of 128-bit encryption or NTLMv2 session security. These values are dependent on the **Network security: LAN Manager Authentication Level policy** setting value. ### Possible values - Require NTLMv2 session security The connection fails if strong encryption (128-bit) is not negotiated. - Require 128-bit encryption The connection fails if the NTLMv2 protocol is not negotiated. ### Best practices Practices in setting this policy are dependent on your security requirements. ### Location Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options ### Default values The following table lists the actual and effective default values for this policy. Default values are also listed on the policy’s property page.
Server type or GPO | Default value |
---|---|
Default Domain Policy |
Not defined |
Default Domain Controller Policy |
Not defined |
Stand-Alone Server Default Settings |
Require 128-bit encryption |
DC Effective Default Settings |
Require 128-bit encryption |
Member Server Effective Default Settings |
Require 128-bit encryption |
Client Computer Effective Default Settings |
Require 128-bit encryption |