Microsoft has acknowledged a significant issue affecting Windows systems following updates released since August 29, 2025. The updates are causing authentication failures on devices that share duplicate Security Identifiers (SIDs), a critical component in the management of user and computer accounts within the operating system.
Security Identifiers are unique alphanumeric strings that Windows employs to track user accounts, groups, and computer accounts. They play a vital role in access control, permissions management, and security auditing, operating behind the scenes rather than relying solely on account names.
In a support document published on Tuesday, Microsoft detailed the ramifications of these updates, stating, “You might experience Kerberos and New Technology LAN Manager (NTLM) authentication failures across devices that have duplicate Security IDs (SIDs).” The company explained that the recent updates include enhanced security measures that enforce checks on SIDs, leading to authentication failures when devices possess duplicate identifiers. This design alteration effectively obstructs the authentication handshakes necessary for inter-device communication.
The consequences of these authentication failures can manifest in various ways on affected systems, including Windows 11 24H2, Windows 11 25H2, and Windows Server 2025. Users may encounter issues such as:
- Failed remote desktop connections
- “Access denied” errors when attempting to access network resources
- Failed login attempts despite using valid credentials, resulting in error messages such as:
- Login attempt failed.
- Login failed/your credentials didn’t work.
- There is a partial mismatch in the machine ID.
- The username or password is incorrect.
On affected devices, users may also observe SECENO_CREDENTIALS errors in the Event Viewer, alongside Local Security Authority Server Service errors indicating a partial mismatch in the machine ID. This suggests that the ticket may have been manipulated or is associated with a different boot session.
Linked to Windows installations not prepared for imaging
Microsoft elaborated that duplicate SIDs often arise when a Windows installation is cloned or duplicated without proper preparation using the Sysprep (System Preparation) tool. The company emphasized, “SID uniqueness enabled by Sysprep is required for OS duplication on Windows 11, versions 24H2 and 25H2, and Windows Server 2025 after installing Windows updates on and after August 29, 2025.”
To mitigate these authentication challenges, Microsoft recommends that IT administrators rebuild systems exhibiting duplicate SIDs using supported cloning or duplication methods. As a temporary workaround, administrators can install and configure a specific Group Policy, which can be obtained by contacting Microsoft Support for business.
This is not the first time Microsoft has addressed authentication issues; earlier this year, the company resolved a similar problem affecting Windows domain controllers following the April 2025 security updates. Additionally, just last week, Microsoft provided guidance on rectifying smart card authentication issues impacting various Windows systems.
