Aaron Graves, PhDude (Replica)

Empowering people to reach their full potential

ntlm hash calculator

Posted on February 16, 2026 by Admin

NTLM Hash Calculator

Enter a password or phrase to calculate its NTLM hash (MD4 of UTF-16LE text).

Use only for authorized security testing, recovery, and interoperability work.

What this NTLM hash calculator does

This tool computes an NTLM hash from the text you provide. In Microsoft authentication systems, an NTLM hash is generated by taking the password, encoding it as UTF-16LE, and running the MD4 hash algorithm over that byte stream.

The output is a 32-character hexadecimal digest. For example, the NTLM hash of password is: 

8846F7EAEE8FB117AD06BDD830B7586C

How to use this page

  • Enter a password or passphrase into the input field.
  • Click Calculate NTLM Hash.
  • Copy the resulting hash with the Copy Hash button.
  • Use Clear to reset everything quickly.

The calculation happens entirely in your browser. Nothing is sent to a server by this page.

How NTLM hashing works (quick technical breakdown)

1) Convert plaintext to UTF-16LE

NTLM does not hash ASCII bytes directly. It first converts the password string into UTF-16LE. That means each character becomes two bytes in little-endian order.

2) Run MD4 on those bytes

MD4 is a legacy cryptographic hash function. NTLM still uses it for historical compatibility, even though MD4 is not considered secure for modern password storage by itself.

3) Print hexadecimal digest

The resulting 16-byte digest is displayed as 32 hexadecimal characters. This is the value commonly called the “NT hash” or “NTLM hash.”

Common security and admin use cases

  • Lab testing and protocol education in Active Directory environments.
  • Password audit workflows where permission has been explicitly granted.
  • Interoperability checks between tools that require NT hash format input.
  • Validation of known test vectors during development of security software.

Important limitations and risks

NTLM hashes are not salted and can be vulnerable to offline cracking, especially for weak passwords. In enterprise environments, NTLM also contributes to pass-the-hash attack risk when credentials are exposed.

  • Prefer Kerberos over NTLM when possible.
  • Use strong, unique passwords and enforce length-based policies.
  • Enable multi-factor authentication where available.
  • Restrict local admin reuse and monitor for suspicious lateral movement.

Quick reference examples

  • (empty string)31D6CFE0D16AE931B73C59D7E0C089C0
  • password8846F7EAEE8FB117AD06BDD830B7586C

FAQ

Is this the same as an MD5 or SHA-256 hash?

No. NTLM uses MD4 of UTF-16LE text, which is different from MD5 and SHA-family hashes.

Can I reverse an NTLM hash directly?

Not directly. Hashes are one-way functions. However, weak passwords can often be guessed via dictionary or brute-force attacks, which is why strong password hygiene matters.

Why does case matter?

Password text is hashed exactly as entered. Changing uppercase/lowercase letters changes the UTF-16LE bytes and therefore changes the final NTLM hash.

Final note

This calculator is intended for defensive and educational use. Always obtain proper authorization before testing credentials or systems you do not personally own.

🔗 Related Calculators