NTLM (NT LAN Manager) hashes are a type of cryptographic hash used in Windows operating systems for authentication purposes. When a user enters their password, Windows converts it into an NTLM hash, which is then compared to the stored hash value. If the hashes match, the user is authenticated.
Blank or Null? understanding “31d…”
the string "31d6cfe0d16ae931b73c59d7e0c089c0" is a valid hash. This hash value is associated with a specific case in Windows systems – it represents a blank or null password. When you encounter this hash in the context of Windows security, it indicates that the corresponding user account has either no password (empty) or the password is disabled.
Keep in mind that the validation of a hash’s “validity” depends on the context and the hashing algorithm used. In this case, the hash is commonly associated with password storage in the SAM (Security Account Manager) registry hive on Windows systems.
Eggsec 
Leave a comment