“The eight character password is dead.”
tl;dr : Still using NTLM? It’s out of date, upgrade and stay safe.
“..It’s dead at least in the context of hacking attacks on organisations that rely on Windows and Active Directory. NTLM is an old Microsoft authentication protocol that has since been replaced with Kerberos.”