I just wrote this code snippet for listing all local users and whether their account uses a password (credits to Leniel Macaferi)
var users = (from ManagementObject user in new ManagementObjectSearcher(@"SELECT * FROM Win32_UserAccount").Get()
where (uint)user["AccountType"] == UF_NORMAL_ACCOUNT && (bool)user["LocalAccount"] && !(bool)user["Disabled"] && (bool)user["LocalAccount"] && !(bool)user["Lockout"]
orderby (string)user["Name"] ascending
select new { UserName = (string)user["Name"], PasswordRequired = (bool)user["PasswordRequired"] }).ToArray();
foreach (var user in users)
Console.WriteLine("{0} (Requires password: {1})", user.UserName, user.PasswordRequired ? "YES" : "NO");
Using this code there was one specific user, whose Win32_UserAccount.PasswordRequired field was set to false even though this user is using a password. Changing his password via the System Control as well as setting an empty password and then resetting it didn't affect this flag, neither logging out and then in again nor rebooting refreshed this flag. On the other hand the User Account Control always says "Password protected" beneath this user even though PasswordRequired is set to false.
I actually NetUserSetInfoed the flag to true by removing the UF_PASSWD_NOTREQD flag from the user's USER_INFO_2.usri2_flags field. This in turn changed the value of Win32_UserAccount.PasswordRequired, but it didn't affect my system's behavior. In fact I have to enter the password regardless of what this flag is saying, I can flip this flag all day long and it doesn't affect anything, so my question: Is there a reliable way of determining whether one specific user is using a password? (The solution preferable shouldn't require administrative privileges.)
