Firefox recently disabled pre-NTLMv2 authentication in Firefox 30. This can cause issues in SharePoint and other IIS based sites.
To re-enable NTLMv1 support type about:config
in the location bar, click the “I’ll be careful” button, find network.negotiate-auth.allow-insecure-ntlm-v1
, double-click on it to change the value to true
.
Below is what Firefox wrote in their release notes.
NTLMv1 auth has been disabled, NTLM support on non-Windows platforms is now deprecated
- Bug 828183 – Firefox enables insecure NTLM (pre-NTLMv2) authentication
- Bug 999306 – Allow generic NTLM v1 if pref set
- Bug 1023748 – Allow NTLMv1 over SSL/TLS, or intranet access is broken on Firefox 30 for non-Windows platforms
The support for the NT LAN Manager version 1 (NTLMv1) network authentication has been disabled because it’s known as insecure. Companies and organizations still deploying the older protocol should upgrade to NTLMv2. See Honza Bambas’ blog post and Jason Duell’s post to the dev-planning list for details.
This is affecting SharePoint-based or IIS-backed intranet applications. If you encounter any problems on Firefox 30 or later, you can manually enable NTLMv1 using a preference. Note that NTLMv2 is not supported on non-Windows platforms, so OS X and Linux users have to toggle the preference to continue using NTLMv1 as below, though the NTLM auth support on non-Windows platforms is considered deprecated.
https://developer.mozilla.org/en-US/Firefox/Releases/30/Site_Compatibility