Our corporate policy requires us to change Windows server local Administrator passwords on a regular basis. We have a script that accomplishes this, and after the change we do a QA check to validate the passwords were actually changed.
To determine when a local account password was last set (administrator, in this example) , run the following command:
net user Administrator | find /i "Password last set"
The result looks like:
Password last set 7/8/2010 11:14 AM
Tested on Windows 2000, Windows XP, Windows 7, Windows Vista, Windows 8, Windows 10, Windows Server 2003/2008/2012/2016.
Note: Just typing net user accountname will provide lots of good details about the user account.
C:\>net user administrator
It’s worth noting that if the user is logged into Windows using a Microsoft account, then the dates given via the command are not accurate and should be ignored. Only use this command for accounts that are just local accounts.