Siteauth.dll Component Does not Appear To Honor User-Password TTL
If you are using AuthFilter with Windows authentication, the Active Directory or local Windows account settings do not take effect. Upon disabling an account, the Siteauth.dll component does not appear to honor user-password TTL. You can resolve this issue by altering the Microsoft Internet Information Services (IIS) security token cache settings. For more information about this issue, see KB article 840582 at https://go.microsoft.com/fwlink/?LinkId=79820.