Q: Why is it that when users type their old password, their accounts aren't locked out?
Learn more about the Windows Server feature called Password history check.
John Savill
September 20, 2012
1 Min Read
A: This was a change introduced back with Windows Server 2003 known as Password history check (N-2).
Provided their accounts have password history enabled, when users try to log on, if they enter their previous password (or even the password prior to that), the badPwdCount will not be incremented, which is, in turn, used to track bad password attempts and causes the account to get locked out.
The goal of this change was to reduce the amount of account lockouts by users typing their previous password instead of the current password.
About the Author
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
You May Also Like