Password lock out queries

Posted on 2011-05-09
Last Modified: 2012-05-11
A couple of questions on password lockouts in a Windows 2003/2008 environment.

I often leave myself logged in to servers overnight so that when I come in the next day I can just connect up again to the session. Sometimes, I can be logged in/disconnected from servers for a few days.

If say, I logged into ServerA and then disconnected my sessoin (but it was still live) on Monday, but then Tuesday I changed my password. Is there a risk that my account would get locked out because that session still has my old password?

Secondly, these password lockouts due to invalid passwords - are they for a certain time only or until someone actually unlocks it?
Question by:Joe_Budden
    LVL 70

    Accepted Solution

    A password lockout cannot occur until you log in again

    The length of the lockout is determined by the policy in place - if can range from 0 to forever (until and admin unlocks it)


    BTW - very bad practice to keep logged in as you describe.
    LVL 1

    Author Comment


    Thanks for the heads up, why is it bad out of interest?

    Regarding this comment:

    "A password lockout cannot occur until you log in again"

    If I entered the new pwd correctly, then there is no issue - from a password lockout point of view - of staying logged on/disconnected?
    LVL 70

    Expert Comment

    If you leave a session active then there is always the risk of someone taking over the session - why risk any compromise - unless the session is in use then why leave it open

    I don't understand your final comment - a password lockout can only occur when the password is authenticated.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    If you migrate a Terminal Server licenses server inside the 2008 server family, you can takte advantage of the build-in migration tool. If you like to migrate an older 2003 Server (and the installed client CALs) to a 2008 R2 server for example, you …
    Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
    This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now