What are the recommended defense strategies against Net-NTLM hash theft via HTTP?

Defenses include preventing the user authentication method from being set to "Automatic logon with current user name and password" and blocking registry modifications that set value `1A00` to `0`. Administrators can query the registry with `REG QUERY "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 1A00` to audit settings. Additionally, using strong passwords and enabling multi-factor authentication can reduce the impact of hash cracking.