diff --git a/lib/passwordstate/client.rb b/lib/passwordstate/client.rb
index b59d34103b778ce2e76eb60027cce4a5ba32edeb..c4ed1f70acea1c5eed78c8654487e098e179f158 100644
--- a/lib/passwordstate/client.rb
+++ b/lib/passwordstate/client.rb
@@ -18,7 +18,7 @@ module Passwordstate
       @headers = DEFAULT_HEADERS
       @auth_data = options.select { |k, _v| %i[apikey username password].include? k }
       @api_type = options.fetch(:api_type) if options.key? :api_type
-      @timeout = options.fetch(:timeout, 0)
+      @timeout = options.fetch(:timeout, 15)
     end
 
     def logger
diff --git a/lib/passwordstate/util.rb b/lib/passwordstate/util.rb
index bae79e3ba2f239254cd595690e49cdd7aaaa650c..46d8c3f9e82862b49d0545964ab56cc48deb0a74 100644
--- a/lib/passwordstate/util.rb
+++ b/lib/passwordstate/util.rb
@@ -11,7 +11,9 @@ module Net
         password: password
       }
       @ntlm_auth_information[:domain] = domain unless domain.nil?
-      @ntlm_auth_options = {}
+      @ntlm_auth_options = {
+        ntlmv2: true
+      }
       @ntlm_auth_options[:workstation] = workstation unless workstation.nil?
     end
   end
@@ -59,7 +61,7 @@ module Passwordstate
 
       if challenge && res.code == '401'
         type2 = Net::NTLM::Message.decode64 challenge
-        type3 = type2.response(req.ntlm_auth_information, req.ntlm_auth_options)
+        type3 = type2.response(req.ntlm_auth_information, req.ntlm_auth_options.dup)
 
         req['authorization'] = 'NTLM ' + type3.encode64
         req.body_stream.rewind if req.body_stream