Locked out accounts
If users report locked out accounts after using the Bravura Security Fabric web interface to change or reset their passwords, they should be instructed to log out of their workstations after any password change. This prevents the following sequence of events:
The user’s workstation is configured to use ghosted connections, or caches login credentials.
The user logs into their workstation with password A.
The workstation stores the user-ID and the old password (A) for future reference.
The user connects to the Bravura Security Fabric server and changes their password from A to B.
Since this change took place on a different workstation in the domain (the Bravura Security Fabric server), the user’s workstation is unaware of the change.
The user then attempts to connect to a new server on the network.
The user’s workstation attempts to establish the connection using its stored (and now invalid) value for the password (A).
The server or domain controller records an invalid login attempt, and may lock out the user’s account.
To avoid locked accounts, disable password caching and ghosted connections on all workstations, or use Password Manager Local Reset Extension to reset cached passwords on user’s workstations.