• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 278
  • Last Modified:

Password lock out queries

A couple of questions on password lockouts in a Windows 2003/2008 environment.

I often leave myself logged in to servers overnight so that when I come in the next day I can just connect up again to the session. Sometimes, I can be logged in/disconnected from servers for a few days.

If say, I logged into ServerA and then disconnected my sessoin (but it was still live) on Monday, but then Tuesday I changed my password. Is there a risk that my account would get locked out because that session still has my old password?

Secondly, these password lockouts due to invalid passwords - are they for a certain time only or until someone actually unlocks it?
  • 2
1 Solution
A password lockout cannot occur until you log in again

The length of the lockout is determined by the policy in place - if can range from 0 to forever (until and admin unlocks it)

see http://www.windowsnetworking.com/kbase/WindowsTips/WindowsXP/AdminTips/Security/AccountLockoutPolicies.html

BTW - very bad practice to keep logged in as you describe.
Joe_BuddenAuthor Commented:

Thanks for the heads up, why is it bad out of interest?

Regarding this comment:

"A password lockout cannot occur until you log in again"

If I entered the new pwd correctly, then there is no issue - from a password lockout point of view - of staying logged on/disconnected?
If you leave a session active then there is always the risk of someone taking over the session - why risk any compromise - unless the session is in use then why leave it open

I don't understand your final comment - a password lockout can only occur when the password is authenticated.

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now