Avatar of Someone
Ā asked on

How to make the old password invalid once I change it in Active Directory

Hello IT people

When I change the password for a user in Active Directory, the user can use the old password for some time. How could I change that so the old password become invalid once I change it?

Active DirectoryWindows Server 2016Windows 10Azure

Avatar of undefined
Last Comment
Peter Hutchison

8/22/2022 - Mon

"user can use the old password for some time "
Are you saying that the user can continue to be logged in after you change the password or that they are able to log in with the old password after you change it?

Is the computer on the LAN with the DC when they use the old password?


I mean they are able to log in with the old password after I change it, for some time, let's say for 24 hour.
yes the computer is on the LAN.
Hello There

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question

Yes I have multiple DCs, and are they replicate without errors. But I'm afraid that I can't restart them for now šŸ˜…

I'll check if it is related to the NTLM authentication or not
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
Peter Hutchison

You need to set password policies in AD to remember the history of passwords and prevent reuse of passwords for the same user: Enable the 'Enforce password history'.
SeeĀ Password Policy (Windows 10) - Windows security | Microsoft DocsĀ