# UserTokenTTL It has been reported that password changes on the SSPR server are not reflected immediately and that there are cases where the old password can be used to log in. This feature is a feature of the Microsoft IIS service and is due to the default 15-minute value of the UserTokenTTL. The IIS cache keeps the token information of the user account alive for 15 minutes. In order to change this value, this value must be changed from the registry on the server. {% hint style="danger" %} It is recommended that you back up your system before making changes to the Registry. Any incorrect changes you make to the Registry may cause the system to malfunction. All changes made are the responsibility of the system administrator. {% endhint %} 1. The Registry editor opens, 2. "HKEY\_LOCAL\_MACHINE\SYSTEM\CurrentControlSet\Services\InetInfo\Parameters" Node is expanded. 3. If there is a record named UserTokenTTL under Parameters, double-click it to open edit mode and set its value to 0. 4. If there is no record, right-click it under Parameters to live and create a new REG\_DWORD. The name of the newly created record is UserTokenTTL. 5. The record is opened by double-clicking it and set its value to 0. 6. IIS is restarted. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.arksspr.com/master/troubleshooting/usertokenttl.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.