The Best Open Source Email & Collaboration Software

Deutsch Deutsch down

Why can i still login with my "old" password, after i changed my password in ADS?

The default behavior of Microsoft Windows Server 2003 is to remember old passwords for one hour after a password change.

It is noted by Microsoft that no security weakness is caused by this kind of behavior, as long as only one user knows both passwords.

Existing components that are designed to use Kerberos for authentication are not affected.

Unofficially it is done for replication between 2 or more domain controllers. Standard domain controllers replicate every 15 minutes.

Additional information:

http://community.ca.com/blogs/securityadvisor/archive/2007/12/11/microsoft-ntlm-authentication-behavior-allows-using-of-old-passwords.aspx

http://support.microsoft.com/kb/906305/en-us

 

Jobs at Zarafa

View zarafa tour 2013 video

Zarafa customers