Frequent Account Lockout | Steps and validation for clearing stale password

balasubramaniam Perumal 20 Reputation points
2024-05-23T15:20:38.94+00:00

Hi all,

Due to stale passwords some of the domain users face frequent lockout.

let me know the steps for clearing the stale password in Windows 10 and Windows 11.

I know only a few areas for clearing the stale password. let me know the complete list of options for clearing stale passwords.

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,090 questions
{count} votes

Accepted answer
  1. Daisy Zhou 20,461 Reputation points Microsoft Vendor
    2024-05-30T08:17:36.7766667+00:00

    Hello balasubramaniam Perumal,

    Thank you for posting in Q&A forum.

    Find the account lockout source, which machine locked which AD domain account.

    1.Check if you can see multiple Event ID 4771 or 4776 via Security log on DC/PDC.

    2.Check whether you can see ID 4740 immediately after the event ID 4776 or event ID 4771 in the security log on the DC/PDC.

    3.If these user accounts are not locked out by the same change or the same cause, you may need to check one domain user account first.

    4.Find one locked account, and for this domain user account, if you can see Event ID 4771 or 4776 and Event ID 4740 related this domain account, can you see which machine lock (via event 4740 or 4776 or 4771) the user account?

    After you find locked source, logon the machine locked out this account to try to check the reason.

    • Check Credential Management to see if the user's old credentials are cached (Control Panel).

    • Check whether the network disk is mounted with the wrong password.

    • Check if the user started the service with the wrong password, run scheduled tasks, etc.

    • Are there other third-party programs/application that cache incorrect passwords for user accounts.

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best Regards,

    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. balasubramaniam Perumal 20 Reputation points
    2024-05-24T02:12:56.3933333+00:00

    thank you for the response and your time.

    rundll32 keymgr.dll KRShowKeyMgr are known area for clearing stale password.

    clearing password from Web browser also known for me.

    let me know other areas where the stale password can be stored in windows Operating system.

    should I check to remove stale password from Registry, IIS, etc..

    0 comments No comments