Users that maintain accounts with online systems, such as corporate email systems, often synchronize their data between a variety of devices, such as mobile devices and desktop or laptop computers. Additionally, IT administrators typically implement security policies to maintain the security of such user accounts. For example, administrators of a network directory service, such as MICROSOFT's ACTIVE DIRECTORY, may require users to change their account credentials (e.g., passwords) at a fixed interval (e.g., every 30 to 90 days).
Computing devices synchronized with user accounts often automatically store and use credentials to log in to such user accounts. Unfortunately, when a security policy requires a user to change their credentials, the user's computing device may nevertheless persist in attempting to log in with outdated credentials stored on the computing device, potentially resulting in repeated failed attempts to log in. After a number of failed attempts, the online system may take an adverse security action against the computing device, such as wiping the device or locking out the user.
For example, a computing device may attempt to retrieve email, or other information, often enough such that, if an employee changed their network directory service credentials before leaving work, the computing device may fail three or four authentication attempts by the time the employee arrives home. In that case, if the employee's company had a policy of wiping devices after three failed authentication attempts, the employee's computing device may be wiped without even giving the user a chance to take action to correct the issue. As such, the instant disclosure identifies a need for improved systems and methods for protecting user accounts.