Security News > 2021 > March > Why Cached Credentials Can Cause Account Lockouts and How to Stop it

When a user account becomes locked out, the cause is often attributed to a user who has simply entered an old or incorrect password too many times.

Perhaps the most easily overlooked cause of account lockouts is the use of cached credentials.

Before I explain why cached credentials can be problematic, let's first consider what the Windows cached credentials do and why they are necessary.

Because Windows supports the use of cached credentials the cached credentials residing within the user's device can process the authentication request.

Even though cached credentials are primarily used as a mechanism for allowing users to login locally when they are working from outside of the office, cached credentials have another important use.

As previously noted however, the use of cached credentials can cause confusion and even cause accounts to become locked out under certain circumstances.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/JzAL1PE51yc/why-cached-credentials-can-cause.html