LAN Manager is a discontinued network operating system (NOS) available from multiple vendors and developed by Microsoft in cooperation with 3Com Corporation. It was designed to succeed 3Com's 3+Share network server software which ran atop a heavily modified version of MS-DOS.

The LAN Manager OS/2 operating system was co-developed by IBM and Microsoft, using the Server Message Block (SMB) protocol. It originally used SMB atop either the NetBIOS Frames (NBF) protocol or a specialized version of the Xerox Network Systems (XNS) protocol. These legacy protocols had been inherited from previous products such as MS-Net for MS-DOS, Xenix-NET for MS-Xenix, and the afore-mentioned 3+Share. A version of LAN Manager for Unix-based systems called LAN Manager/X was also available. LAN Manager/X was the basis for Digital Equipment Corporation's Pathworks product for OpenVMS, Ultrix and Tru64.

Despite support from 3Com, IBM, Digital, and Digital Communications Associates, PC wrote in 1989, LAN Manager "has made a very small impression on the market and continues to receive the cold shoulder from buyers" compared to Novell NetWare. The combined companies "pose a strong potential threat", however, the magazine added. In 1990, Microsoft announced LAN Manager 2.0 with a host of improvements, including support for TCP/IP as a transport protocol for SMB, using NetBIOS over TCP/IP (NBT). The last version of LAN Manager, 2.2, which included an MS-OS/2 1.31 base operating system, remained Microsoft's strategic server system until the release of Windows NT Advanced Server in 1993.

Many vendors shipped licensed versions, including:

The LM hash is computed as follows:

LAN Manager authentication uses a particularly weak method of hashing a user's password known as the LM hash algorithm, stemming from the mid-1980s when viruses transmitted by floppy disks were the major concern. Although it is based on DES, a well-studied block cipher, the LM hash has several weaknesses in its design. This makes such hashes crackable in a matter of seconds using rainbow tables, or in a few minutes using brute force. Starting with Windows NT, it was replaced by NTLM, which is still vulnerable to rainbow tables, and brute force attacks unless long, unpredictable passwords are used, see password cracking. NTLM is used for logon with local accounts except on domain controllers since Windows Vista and later versions no longer maintain the LM hash by default. Kerberos is used in Active Directory Environments.

The major weaknesses of LAN Manager authentication protocol are:

To address the security weaknesses inherent in LM encryption and authentication schemes, Microsoft introduced the NTLMv1 protocol in 1993 with Windows NT 3.1. For hashing, NTLM uses Unicode support, replacing LMhash=DESeach(DOSCHARSET(UPPERCASE(password)), "KGS!@#$%") by NThash=MD4(UTF-16-LE(password)), which does not require any padding or truncating that would simplify the key. On the negative side, the same DES algorithm was used with only 56-bit encryption for the subsequent authentication steps, and there is still no salting. Furthermore, Windows machines were for many years configured by default to send and accept responses derived from both the LM hash and the NTLM hash, so the use of the NTLM hash provided no additional security while the weaker hash was still present. It also took time for artificial restrictions on password length in management tools such as User Manager to be lifted.