Two known authentication protocols are NTLM (an acronym for NT LAN Manager) and Kerberos (named after the Greek mythological three-headed guard dog of Hades). Kerberos is generally considered to be more secure than NTLM. In a typical client-server configuration, NTLM provides authentication of the client. Kerberos, on the other hand, provides mutual authentication: authentication of the client and the server. NTLM is older than Kerberos, thus, many legacy systems are NTLM compliant. Although system administrators would prefer to migrate to a more secure protocol, they tend to resist migrating from NTLM to Kerberos because the migration can be difficult, tedious, time consuming, and generally considered a hardship. Also, to migrate, applications need to be retrofitted or rewritten to use Kerberos correctly. In many cases this is not practical because applications are no longer owned by anyone (e.g., the publisher of the application went out of business or no longer supports the application), or the companies involved do not have the security knowledge to make the changes. Thus, many systems having NTLM compliant clients can not take advantage of Kerberos-like features, such as mutual authentication.