Microsoft has updated the official list of deprecated features in client versions of Windows 10 and 11 with password payloads in MPR notifications. This component of the operating system follows this month's additions, such as Test Base for Microsoft 365 (an Azure cloud service for application testing) and TLS server authentication certificates using RSA keys with key lengths shorter than 2048 bits.
Microsoft will turn off password payload in MPR in Windows 11 version 24H2 (coming later this year as Windows 11 "2024 Update") using a group policy for NPLogonNotify and NPPasswordChangeNotify APIs. Although the APIs will remain available for some time, Microsoft says it will remove them at some point in a future Windows release, which is what happens to most deprecated features.
Here is how the official documentation describes the APIs:
NPLogonNotify function (npapi.h)
MPR calls this function to notify the credential manager that a logon event has occurred, allowing the credential manager to return a logon script. The NPLogonNotify function is implemented by a credential manager DLL (see Remarks).
NPPasswordChangeNotify function (npapi.h)
MPR calls this function to notify the credential manager of a password change event. The NPPasswordChangeNotify function is implemented by a credential manager DLL.
The main reason for deprecating NPLogonNotify and NPPasswordChangeNotify APIs is security. According to Microsoft, those APIs allow the caller to retrieve users' passwords, "presenting potential risks for password exposure and harvesting by malicious users."
Naturally, some customers might still need the deprecated APIs, so Microsoft allows including password payloads in MPR notifications via the EnableMPRNotification policy.
Password payloads in MPR notifications are only the third feature Microsoft deprecated this year. In 2023, the company announced the end of the road for many more Windows 10 and 11 components. Check out our comprehensive list of every Windows feature Microsoft deprecated in 2023.
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.