Windows Authentication - credentials not expiring

Posted on 2006-03-28
Last Modified: 2012-06-27
I am using Active Directory to retain login/password info.  I am authenticating users as they enter Sharpoint with a popup Window's authentication.

Users choose to save their passwords.  When users are required to change their password their authentication to Sharepoint fails.  

If password is set back to their old credentials the authentication works properly.  So the credentials are being saved somewhere and not being updated when users change their network password.
Question by:jasonrlee

    Author Comment

    I found half of the solution:

    By running the following command:

    rundll32.exe keymgr.dll, KRShowKeyMgr

    I get a window that shows me saved windows passwords.  This showed me the saved password that wasn't expiring.  But I can't get here without running this command, and it doesn't solve my global problem.

    Still when passwords are changed how can I clear this saved password automatically and globally?

    The question is still open.
    LVL 5

    Expert Comment

    Why aren't you authenticating though the IIS user in AD?  This will then authenticate then through active directory...this is more secure and less administration.

    Author Comment

    I don't think you undestand the problem.

    I am in fact authenticating against active directory.  The problem is the credentials got saved in this Windows Login Password menu.  I have since turned off the ability to save login/password credentials, but everyone in the office still has their old credentials saved in that menu.  Everytime they enter sharepoint they are first authenticated by the old (saved)credentials instead of the immediate ones.
    LVL 5

    Accepted Solution

    Your right I didn't understand.  But now I think I do.  Were you using basic authentication before? is one KB article that describes adding in activex code to force a re-authentication...

    Another link...

    Also...this is pretty basic but have you told them to clear there history and cookies for IE?  This wipes out the retained passwords for sites.

    Author Comment

    Well your links for activeX seem to be the only answer to my problem.  Since I've never created an ActiveX Control before that will take some time to impliment.  So the points are yours, and I'll repost if I run into problems down the road.  Thanks

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Overview This article describes how to silently install Adobe Reader on multiple workstations, customize the installation options (accept EULA, remove desktop shortcut etc) using the Adobe Customization Wizard and install Adobe Reader font packs an…
    Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now