Determining when a local Windows account password was last changed

Our corporate policy requires us to change Windows server local Administrator passwords on a regular basis.  We have a script that accomplishes this, and after the change we do a QA check to validate the passwords were actually changed.

To determine when a local account password was last set (administrator, in this example) , run the following command:

net user Administrator | find /i “Password last set”

The result looks like:

Password last set            7/8/2010 11:14 AM

Tested on Windows 2000, Windows XP, Windows 2003, and Windows 2008.

Note: Just typing net user accountname will provide lots of good details about the user account.

C:\>net user administrator
User name                    Administrator
Full Name
Comment                      Built-in account for administering the computer/domain
User’s comment
Country code                 000 (System Default)
Account active               Yes
Account expires              Never

Password last set            7/8/2010 11:14 AM
Password expires             Never
Password changeable          7/9/2010 11:14 AM
Password required            Yes
User may change password     Yes

Workstations allowed         All
Logon script
User profile
Home directory
Last logon                   8/3/2010 5:42 PM

Logon hours allowed          All

Local Group Memberships      *Administrators
Global Group memberships     *None
The command completed successfully.

Leave a Reply

Your email address will not be published. Required fields are marked *