Re: User Accounts Keep Locking Out

From: David Grant (
Date: 01/24/03

From: "David Grant" <>
Date: Fri, 24 Jan 2003 00:31:29 -0000


Are you sure the accounts are being locked out, and that you havent set the
passwords to expire after a certain time. By the way - the built in admin
account cannot be locked out, and most password cracking tools can identify
this account no matter what you name it.

just a thought


"John" <> wrote in message
> Hey All:
> Running a Win2k Web Server and am having a problem with all user
> accounts being locked out every few weeks or so except the original
> admin account (which was renamed).
> I am guessing there is some tool out there that can read the user
> accounts on a machine and then is automatically trying to crack the
> passwords. Of course, the machine is set to lock people out after 3
> bad attempts so that's not getting to far and we enforce tough
> passwords.
> So, my question is, is there any way to stop this? Can anything be
> done or do I have to live with unlocking everyones account every few
> weeks (hope not).
> Any help would be greatly appreciated.

Relevant Pages

  • Re: Account lockouts
    ... for reusable passwords and the AAA infrastructures that rely upon them? ... In that context, account lockout policy -- duration, threshold, lockout ... > cracking attacks. ...
  • Re: Deleting Admin Account
    ... administrative level account to change the Type of the Admin account ... created to a limited account (or create yourself a third account - non-admin ... The built-in administrator cannot be changed from the administrative level, ... You should password protect (with different passwords would be best) each ...
  • Re: Blank Passwords, Complex Requeirements and Problems...
    ... The account would then have: 544 = normal account with "Password Not Required" bit = on ... wellKnownObjects: B:32:6227F0AF1FC2410D8E3BB10615BB5B0F:CN=NTDS ... BLOG --> ... As far as i know, the Win2003 AD never had a "free" Default Domain Policy to allow that, the DDP is the Default since the initial build of th AD. Ok, let's say that an Admin disabled temporarily th DDP for a few moments and allowed certain accouns to be created with blank passwords. ...
  • Re: OT: dealing with keystroke loggers
    ... what's the practical solution to deal with s/w keystroke loggers ... Researcher refutes Microsoft's account of hijacked Hotmail passwords ... passwords were obtained in a massive phishing attack. ... "Everyone who suspects that their account has been compromised should ...
  • RE: Single sign on
    ... How to authentificate an user via telephon? ... > Avatier has a product which would allow users to reset their own passwords ... >> for the person whose account is reset. ... >> would only be accessible by the person whose account is reset. ...