JacksonVD / PwnedPasswordsDLL

Open source solution to check prospective AD passwords against previously breached passwords

Home Page: https://jacksonvd.com/

unable to logon after password change

dlehman83 opened this issue · comments

Hello,
I downloaded the v3.0 release of the dll.
After I change a password, the user account cannot log in, always reporting an incorrect password.
If I attempt to change the password to a known pwned password, it fails as it should.

I've tested on 2016 and 2012 R2 x64.
If I remove the entry from LSA notification packages and reboot, I can reset the password and the user account works again.

Thanks,

Hi there,

Thanks for bringing this to my attention. I'll take a look in 8 or so hours, and will update you on the outcome of my testing.

Hi there,

I believe I've resolved the issue - when I updated the DLL to utilise SecureZeroMemory, I accidentally used it on the PUNICODE password string (i.e. the string directly sent from LSA). Because of this, even if a password were to be accepted by the DLL, it wouldn't be changed successfully as the password would no longer exist in memory.

Really sorry for the inconvenience this would have caused! I've updated the source, and released version 3.1 under releases.

Please let me know if you have any further issues!

This appears to have fixed it, but I did come across another issue. Close this one and I'll open another one to keep records organized.
Thank you
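The bug described above (zeroing the password string that LSA passed in, rather than the filter's own working copy), as an added illustration that is not the project's code. `USTR`, `secure_zero`, `is_breached` and the sample passwords are portable stand-ins constructed for this example, not the Windows types or the DLL's functions.

```c
#include <stdlib.h>
#include <string.h>

/* Portable stand-in for the UNICODE_STRING that LSA hands to a password filter. */
typedef struct { unsigned short Length, MaximumLength; unsigned short *Buffer; } USTR;

/* Stand-in for SecureZeroMemory: volatile writes the compiler may not elide. */
static void secure_zero(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Hypothetical breach lookup; this constructed rule rejects only "password". */
static int is_breached(const unsigned short *pw, size_t bytes) {
    static const unsigned short bad[] = {'p','a','s','s','w','o','r','d'};
    return bytes == sizeof bad && memcmp(pw, bad, sizeof bad) == 0;
}

/* Shape of the bug in the thread: right verdict, but the caller's buffer is wiped. */
int filter_buggy(USTR *password) {
    int ok = !is_breached(password->Buffer, password->Length);
    secure_zero(password->Buffer, password->Length);  /* destroys the caller's copy */
    return ok;
}

/* Corrected shape: input is read-only; wipe only memory the filter itself allocated. */
int filter_fixed(const USTR *password) {
    size_t bytes = password->Length;
    unsigned short *copy = malloc(bytes + sizeof *copy);
    if (!copy) return 0;                              /* assumption: fail closed */
    memcpy(copy, password->Buffer, bytes);
    int ok = !is_breached(copy, bytes);
    secure_zero(copy, bytes);                         /* wipe the working copy only */
    free(copy);
    return ok;
}

/* Returns 1 if the caller's buffer still holds the ASCII text `expect`. */
int buffer_intact(const USTR *p, const char *expect) {
    size_t n = strlen(expect);
    if (p->Length != n * 2) return 0;
    for (size_t i = 0; i < n; i++) if (p->Buffer[i] != (unsigned short)expect[i]) return 0;
    return 1;
}

int main(void) {
    unsigned short buf[] = {'T','r','0','u','b','4'};  /* constructed sample */
    USTR pw = { sizeof buf, sizeof buf, buf };
    return !(filter_fixed(&pw) && buffer_intact(&pw, "Tr0ub4"));
}
```

Both variants return the same accept/reject verdict; only the state of the caller's buffer afterwards differs, which is why the breached-password check still appeared to work while accepted changes did not.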