0XC0000071

STATUS_PASSWORD_EXPIRED (0XC0000071) Fix

Windows Errors Beginner 👁 1 views 📅 May 27, 2026

Your password expired and Windows won't log you in. Fix it by changing the password through another method or resetting it. Here's how.

Quick answer

If you can get to another admin account on the same machine (local or domain), log into that account, then open Command Prompt as admin and run: net user YourUsername NewPassword123! (replace with your username and a new password). Log out and log in with the new password.

Why you're seeing 0xC0000071

This error code 0xC0000071 means the password for the account you're trying to log into has expired. Windows enforces password expiration policies—by default, passwords expire every 42 days for domain accounts and 42 days for local accounts on some editions. But the real problem is a catch-22: the user can't log in because the password is expired, but Windows wants you to log in to change it. You'd think the login screen would prompt you to change the password, right? It does—sometimes. But if you're logging in over RDP, or if the account is a domain account and the domain controller is unreachable, that prompt never shows up. You just get the error and a locked-out feeling.

This error hits especially hard when:

  • You're connecting via Remote Desktop to a server and the password expired while you were away.
  • A service account password expired, and now a scheduled task or SQL Server agent won't start.
  • The user tried to log in through a VPN that doesn't have line-of-sight to the domain controller.

Fix steps (main method)

This method works if you have any other account on the same computer that is a local administrator or domain admin. It also works if you can boot into Safe Mode with Networking.

  1. Log into a different admin account. If you have another user account on the machine (like a separate local admin account), log into that. If you don't, reboot and press F8 before Windows starts, choose Safe Mode with Networking, and log into the built-in Administrator account (it's often disabled, but if enabled it works).
  2. Open Command Prompt as administrator. Click Start, type "cmd", right-click Command Prompt, and pick "Run as administrator".
  3. Change the expired password. Type this command, replacing YourUsername with the actual username and NewPassword123! with a new password that meets complexity requirements (at least 8 chars, upper, lower, digit, special char):
    net user YourUsername NewPassword123!
    After you press Enter, you should see: "The command completed successfully."
  4. Log out and test. Close Command Prompt, log out of the admin account, then log into the original account with the new password. You should get in without the 0xC0000071 error.

If the main method fails

The main method fails when there is no other admin account available, or when you're dealing with a domain account and the computer is not on the domain network. Here are alternatives:

Option 1: Password reset disk (local accounts only)

If you created a password reset disk ahead of time (a USB or floppy—yes, floppy), you can use it at the login screen. On the login screen, after you get the error, click "Reset password..." and follow the wizard. This only works for local accounts, not domain accounts.

Option 2: Use a password reset tool (advanced, for local accounts)

There are third-party tools like Offline NT Password & Registry Editor (free, open-source) or PCUnlocker (paid). You boot from a CD or USB, and it lets you blank or change the local account password. This works even if you can't get into Safe Mode. Be warned: these tools can be flagged by antivirus because they modify Windows security. Use them on a machine you own.

Option 3: Domain account—get on the network

If this is a domain-joined computer and the password expired, the user needs to either:

  • Connect to the company network (either physically or via VPN) so the computer can reach a domain controller. Then, at the login screen, try logging in again. Windows should detect the domain controller and offer a "Change password" button. If it doesn't, try entering the wrong password twice—sometimes Windows then lets you reset.
  • Call IT to reset the password from Active Directory Users and Computers. The user then logs in with the temp password and sets a new one.

Option 4: Reinstall Windows (last resort, local accounts)

If none of the above works and you don't care about the data, you can reinstall Windows. That's the nuclear option. Before you do, consider booting from a Linux live USB to copy important files off the drive.

Prevention tip

The real fix is to set password expiration to never expire for service accounts and to educate users. But if you must keep expiration policies (some compliance requires it), then do this:

  • For domain users: set up password reminders in email or SMS 7 days before expiry.
  • For local accounts, especially on servers: either disable password expiration entirely by running net user Username /expires:never or set a longer expiration (like 365 days) via Group Policy.
  • For service accounts: always set "Password never expires" in AD or local user manager. These accounts are automated—they won't change their own password.

One more thing: if you manage multiple machines, use Group Policy to set "Interactive logon: Prompt user to change password before expiration" to 14 days. That gives users a warning before they get locked out.

Was this solution helpful?

STATUS_PASSWORD_EXPIRED 0xC0000071 password expired error Windows login failed password expired cannot log in password expired 0xC0000071 fix password expired domain password expired local account reset expired password Windows change expired password command line Windows Server password expired