Can use old password after change password throught OWA
User can use old password and new password in 2 hours after change password... how to fix it
March 19th, 2015 5:29am

Hi Thai Son,

When user changes password using OWA you may notice a period during which the user can log on to their mailbox by using either the old password or the new password.

This latency exists by design for Internet Information Services (IIS) performance reasons and is controlled by the a registry setting.

By default its 15 minutes. (Changes made to the reg, or issue with the IIS service on the CAS\TMG(reverse proxy) could cause longer periods.

Warning   If you use Registry Editor incorrectly, you may cause serious problems .

Use Registry Editor at your own risk to check and modify this.
  1. Start Registry Editor (Regedt32.exe) on the server that is running IIS and through which the user gains access to OWA.
  2. Locate the following key in the registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\InetInfo\Parameters
  3. On the Edit menu, click Add Value, and then add the following registry value: Value Name:  UserTokenTTL   (Note This is case-sensitive!)
    Data Type:   REG_DWORD
    Value Range: 0 - 0x7FFFFFFF (Note This unit is in seconds.)
  4. Exit Registry Editor, and then restart IIS.

NOTE:- If user is still logged in at the time of change, the update doesn't apply for the user immediatly.

Refer to the below article for more details:

An old password still works after you change it in Outlook Web Access :

https://support.microsoft.com/en-us/kb/2675

March 19th, 2015 5:44am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics