I’m helping a client who has contracted with a 3rd party for a Windows 2012 cloud server. Since we are in start-up mode and he has been traveling, he has only gotten back to this process this week. When he attempted to log on, the RDP client informed him that his password had expired and he could not get any further. After contacting his server provider, we found that they have a password expiration of 42 days, after which a new password must be set within one day (at least that is what their list of password settings implied). I’ve asked them to clarify whether this is one day after the next log-in, but after I sent that, it occurred to me that a “day 43” window seemed to be what my client experienced. This would be critical because not all of his users may be on the server every day and the idea that they would have to keep track of which day they are on seems counter-productive.
Is this one-day window a typical security policy for a server? On the other hand, it might be due to the RDP utility not allowing him to proceed to the Windows log-in screen (since the credentials had been saved).
Any comments or advice about this? Thanks!
