0X00090320

Fix SEC_I_INCOMPLETE_CREDENTIALS (0x00090320) Fast

Windows Errors Intermediate 👁 0 views 📅 May 26, 2026

This error means Windows couldn't finish validating your credentials. The quick fix is clearing cached credentials or resetting the network adapter.

Yeah, seeing 0x00090320 pop up when you're trying to authenticate — frustrating. It usually happens when Windows can't finish validating your username and password for a remote service. The good news is you can fix this in under five minutes if you know where to look.

Fix It: Clear Cached Credentials and Reset Network

This is the fix that works 9 times out of 10 when the error shows up in IIS, RDP, or any app using Schannel (Microsoft's Security Support Provider). I've seen this on Windows 10 22H2, Windows 11 23H2, and Windows Server 2019/2022.

Step 1: Open Credential Manager

  • Press Windows Key + R, type control, hit Enter.
  • In the Control Panel, set View by to Large icons.
  • Click Credential Manager.

Step 2: Remove Stale Credentials

Under Windows Credentials, look for any entry related to the server or service you're trying to connect to. For example, if you're hitting an IIS server at app.company.com, you might see app.company.com or something like TERMSRV/app.company.com for RDP.

  • Click the arrow to expand that entry.
  • Click Remove and confirm.

Don't delete everything — only the entries for that specific target. Deleting your Microsoft account credentials will mess up other things.

Step 3: Reset Your Network Adapter

This clears any stuck authentication state in the network stack.

  • Open Command Prompt as Administrator (right-click Start, pick Command Prompt (Admin) or Windows Terminal (Admin)).
  • Type these commands one at a time, hitting Enter after each:
ipconfig /flushdns
netsh int ip reset
netsh winsock reset
  • After the last command, restart your computer.

Step 4: Re-authenticate

Once you're back up, try connecting again. When Windows asks for credentials, enter them fresh. This time it should work because the old corrupted cache is gone.

After the reset, you should see a login prompt instead of the error. If you still get 0x00090320, go to the next section.

Why This Works

Here's the deal: 0x00090320 is Schannel's way of saying "I got part of your credentials, but something's missing or broken." Microsoft's official docs call it SEC_I_INCOMPLETE_CREDENTIALS — the I stands for informational, but it's still a hard failure in most apps.

The root cause is almost always a cached credential that got corrupted or mismatched. Maybe the password changed on the server, but your local cache still has the old one. Or a token renewal failed mid-handshake. Clearing the cache forces a fresh authentication, and resetting the network stack clears any half-open SSL/TLS sessions that hung around.

Less Common Variants and Fixes

If clearing credentials and resetting the network didn't do it, here are the less common scenarios I've seen.

IIS with Client Certificates

If you're getting this error in IIS when using client certificates (like smart cards or PKI certs), the problem is often a missing intermediate certificate in the client's personal store. Open certlm.msc (Local Machine certificates) and check under Personal > Certificates. If your client cert shows a broken chain, right-click it, go to All Tasks > Export, then re-import it with the full chain.

Time Sync Issues

Kerberos is picky about time. If your computer's clock is more than 5 minutes off from the domain controller, you'll see this error. Check and sync:

w32tm /resync

If that fails, restart the Windows Time service:

net stop w32time
net start w32time
w32tm /resync

Third-Party VPN or Proxy

I've seen Cisco AnyConnect and Zscaler break credential negotiations. Disconnect from your VPN temporarily, then try the connection again. If it works, add your target server to the VPN's bypass list.

Prevention

To keep this from coming back:

  • Never save passwords in browsers or apps for corporate resources. Use Windows Credential Manager only when absolutely necessary, and expire them regularly.
  • Keep your system clock synced — set it to sync daily with a reliable NTP server like time.windows.com.
  • Update your network drivers — old Intel and Realtek drivers have known issues with TLS negotiation. Check your OEM's site for the latest.
  • If you use client certificates, set up auto-enrollment with a Group Policy so your machine always has the right chain.

One more thing: if this happens on a shared workstation (like a lab or kiosk), consider disabling credential caching entirely via Group Policy. The setting is under Computer Configuration > Administrative Templates > System > User Profiles > Turn off credential caching. That stops the error at the source.

That's it. You should be back up and running. If not — and this is rare — check the Application event log for Schannel warnings, which will point you to the specific certificate or server name that's causing the problem.

Was this solution helpful?

SEC_I_INCOMPLETE_CREDENTIALS 0x00090320 credentials not complete Windows authentication error fix 0x00090320 credential manager clear network reset Schannel error IIS authentication failure RDP credential error