How to reduce the time Windows takes to report a password is wrong?

Solution 1

First as a direct Windows 7 answer from MSDN, the OS is built with the following decision branching for password validation:

1. Entering a wrong password causes Windows 7 to iterate through its password caching in order to compare all entries. This causes a delay.

2. If nothing matched in the cache, the computer then has to contact the Domain Controller to validate the password against the account. This causes a delay.

3. Then when all else has failed in testing for a valid password, you hit the standard bad password delay. For the reasons mentioned over on ServerFault.

After reviewing password policy on Microsoft Technet for Windows 7, Server 2003, Server 2008, the following settings are possible:

Password History, Minimum Password Length, Maximum Password Age, Minimum Password Age, ObservationWindow, LockoutDuration, LockoutThreshold, badPasswordTime, badPwdCount, ntPwdHistory, ForceUnlockLogon

If you're on a domain, this would be set through a GPO and out of your control, however; locally for a computer on a workgroup, you can make the settings through SecPol.msc under Security Settings -> Account Lockout Policy

The only setting even close, badPasswordTime, is the timestamp the last bad password was entered.

In all the settings, nothing references failed password delay, so it's apparently hard coded into the OS.

Now if you're on Linux, you can add parameters to PAM to allow removal of this delay, if it was set up to accept the parameter, otherwise, you have to recompile the pam module that controls this function with settings of your own choice.

Solution 2

In my case I found that the lag was caused by contacting the domain controller over wifi. This step is only possible if you're connected to the internet, so it is possible to set up a script that disables network adapters on logoff, workstation lock and workstation idle, and re-enables them when you log back in.

For instance, add a scheduled task that triggers on workstation lock with an action to disable the wifi network adapter

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -command "Disable-NetAdapter -Name WiFi -Confirm:$false"

You can find the names of your network adapters in powershell

netsh interface show interface

Add a similar script to the group policy logoff. Then do the same with Enable-NetAdapter

Related videos on Youtube

03 : 45

How to Fix Wrong Date & Time Issues in Windows PC

MJ Tube

484

19 : 04

How to lock your PC automatically after entering wrong PIN or Password in Windows 10 [FIX included]

Logesh Waran

63

02 : 15

How to bypass windows screen time

Jaso YT

17

05 : 25

Fix Windows 11/10 Keeps Asking To Enter A1B2C3 To Login, Fix Continuous Prompt To Enter A1B2C3

AarohanTechSol

16

02 : 21

How to reduce the time Windows takes to report a password is wrong? (2 Solutions!!)

Roel Van de Paar

0

Author by

einpoklum

Made my way from the Olympus of Complexity Theory, Probabilistic Combinatorics and Property Testing to the down-to-earth domain of Heterogeneous and GPU Computing, and now I'm hoping to bring the gospel of GPU and massive-regularized parallelism to DBMS architectures. I've post-doc'ed at the DB architecture group in CWI Amsterdam to do (some of) that. I subscribe to most of Michael Richter's critique of StackOverflow; you might want to take the time to read it. If you listen closely you can hear me muttering "Why am I not socratic again already?"

Updated on September 18, 2022