Re: Did anyone else read "NSA recommended"...
"but the underlying passwords are still stored using the NTLM hashing scheme."
Ever since Windows 2008 onwards when you install a new domain, the "NoLMHash policy" is set by default which disables the storing of the NTLM hash...