Can a virus cause passwords to expire on a network?

Posted on 2009-04-03
Last Modified: 2013-12-04
At my job every network login that did not have the "password never expires" checkbox checked in Active Directory was prompted to change passwords.  Individually, user accounts did not have a expiration date.  After looking more in depth I found a group policy for the entire district where passwords have a max age of 45 days.  However, I don't believe that anyone specifically set that.  Can a virus set that policy?  

In addition we had to temporarily shut down our firewall that was incorrectly blocking secure traffic.
Question by:AtypicalIC
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2

Expert Comment

ID: 24065218
that's a group policy and is intended for maximizing the security, not minimizing it ... don't thing a virus could do that.


Expert Comment

ID: 24065231
btw ... isn't that the default policy for expiration of password?
LVL 49

Accepted Solution

Akhater earned 250 total points
ID: 24065242
the 45 days comes by default
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.


Author Comment

ID: 24065952
I know it sounds crazy to complain that a security policy is suddenly enforced. However, the odd thing is that  ALL the passwords expired at the same time even though passwords were definitely not assigned at the same time and many were, according to the policy, expired days months and even possibly years ago.

On the opposite side, is there anything that would have prevented the policy from working normally that suddenly allowed it (perhaps the firewall was blocking a network trigger message)?
LVL 49

Expert Comment

ID: 24066198
you are talking about the default domain policy right ? The default settings in 45  days on windows 2003

did you upgrade your domain from 2000 to 2003 or something similar ?

btw why is this question in the exchange section ?

Expert Comment

ID: 24066873
the one and only time I faced a virus changing my password on a server was for my SA password on MSSQL. never for security policy. either way, if your policy remains on 45 days, just leave it as is an d monitor it a bit. see if it actually exparies on 45 days. maybe you have forced the group pilicy forcing the passwords to expire on the same day!!
you could always try setting it to a lower number for easier monitoring

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Here's a look at newsworthy articles and community happenings during the last month.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question