Aug 21, 2006 12:47 AM|bdesmond|LINK
That doesn't happen via SetPassword or ChangePassword methods. Your code is doing something else... (like logging them on locally). How are you changing passwords?
Probably either impersonating them with some weird options or calling LogonUser to get a token with the wrong options and then passing that token to the impersonation context.
Did you buy this app? If so it's a POS and get a new one. If not your code is busted, fix it.