Password Expiring

Hi

I have just started a new IT position, L2 support all done by phone

Common issue is users account being locked out

Apart from the obvious "X amount of failed login attempts" and "password expiration"

What else could make a password expire

My colleague has told me "The pc/laptop may have the old password cached somewhere and it is conflicting with the new one, resulting in lockout"

Can anyone elaborate on this and give anymore reasons as to what would lock out an account

It even happens when user is logged in, a login box appears for intranet when this happens

Thanks in advance

Lee

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

BeaverC32

Not clear on your question...password expiration and account lockout are not synonymous with each other. Do you want to know what causes account lockout, or the password to expire???

dynamik

BeaverC32 wrote:

Not clear on your question...password expiration and account lockout are not synonymous with each other. Do you want to know what causes account lockout, or the password to expire???

I think the point he was trying to make was that he gets a lot of calls about resetting passwords, but I agree, it was worded a bit funny.

Computer accounts also have passwords (I assume this is what your colleague is referring to), even though that's not something you explicitly setup or manage. Every once in awhile it may be necessary to reset a computer account's password. There are a few different methods of doing this with various degrees of success. Sometimes the easiest is just to remove the computer from the domain and rejoin it. This should be a rare occurrence, and I don't believe that the problem will be obvious to an end user. Situations like these usually require diving into the event log because a computer is behaving erratically.

nel

i would check your logs on your dc and make sure that user is authenticating properly or if there are any errors. i had this problem before but we use terminal servers and a server was still logged into a session with an old password. im not going to say this is the same problem as you but i would start with your logs and see if you can see a pattern

dtlokee

I've had the 802.1x supplicant cache the credentials of the logged in user and continue to try to use the outdated password to authenticate to a switch which resulted in the use continouslu getting locked out.

j938

Lee H wrote:

Hi

I have just started a new IT position, L2 support all done by phone

Common issue is users account being locked out

Apart from the obvious "X amount of failed login attempts" and "password expiration"

What else could make a password expire

My colleague has told me "The pc/laptop may have the old password cached somewhere and it is conflicting with the new one, resulting in lockout"

Can anyone elaborate on this and give anymore reasons as to what would lock out an account

It even happens when user is logged in, a login box appears for intranet when this happens

Thanks in advance

Lee

I dont fully understand your questions but one way it can happen while they are logged in is through outlook for example if they have to put in their username and password before they access their email this would cause it to lock out even though they are logged in if they input the wrong password .
Also any other applications for example being provided by citrix or something.

--- Also if your able to enable auditing and netlogon logging and kerberos logging with the main users its repeatedly happening too

-- Also may be user actually typing password in wrong? never know