Enable Network Level Authentication (NLA) in Windows XP


This how-to will describe how to enable NLA on Win XP. It is a fairly simple process, but there are some minor caveats to consider. As well as a major chance to break the windows install. Step lightly folks.

Steps (5 total)


Log in as an admin

You can use any account that has local administrative rights.


Check for update compliance

For Windows XP to be able to use NLA, it must first be updated to SP3. Additionally, I would suggest installing the RDP v.7 update as well since it brings the full functionality of NLA into play.


Open the registry editor

Here is where things can get dangerous. If you do not feel safe doing the following, DO NOT DO IT! You could seriously break your machine if you do something other than what is described.


Navigate to and modify the registry keys

There are two keys to change. The first is located at:


You are going to modify the key named ‘Security Packages’
Add ‘tspkg’ to the listing of security packages. Do not remove any packages.

The second key is located at:


You are going to modify the key named ‘SecurityProviders’
Add ‘credssp.dll’ to the listing of Security Providers.

Close the registry editor.


Restart the computer.

After the restart is complete. Test the NLA functionality by attempting to RDP to a server that only accepts RDP connections from machines that use NLA.

If it works, you have succeeded. If it does not work, then you should check to ensure that the above defined changes have been made correctly.


Alternative Option:

Lower down the authentication level of Remote Desktop Connection on Server side

Uncheck the box

Allow connections only from computers running Remote Desktop with Network Level Authentication