Our corporate policy requires us to change Windows server local Administrator passwords on a regular basis. We have a script that accomplishes this, and after the change we do a QA check to validate the passwords were actually changed.
To determine when a local account password was last set (administrator, in this example) , run the following command:
net user Administrator | find /i “Password last set”
The result looks like:
Password last set 7/8/2010 11:14 AM
Tested on Windows 2000, Windows XP, Windows 2003, and Windows 2008.
Note: Just typing net user accountname will provide lots of good details about the user account.
C:\>net user administrator
User name Administrator
Full Name
Comment Built-in account for administering the computer/domain
User’s comment
Country code 000 (System Default)
Account active Yes
Account expires Never
Password last set 7/8/2010 11:14 AM
Password expires Never
Password changeable 7/9/2010 11:14 AM
Password required Yes
User may change password Yes
Workstations allowed All
Logon script
User profile
Home directory
Last logon 8/3/2010 5:42 PM
Logon hours allowed All
Local Group Memberships *Administrators
Global Group memberships *None
The command completed successfully.