Why on Windows 7 does "wrong password" take a long time to appear?

Solution 1:

It is mainly to prevent quick brute forcing of passwords.

This blog article gives you much more information than you probably care for!

Solution 2:

So it takes longer to brute force a password.

If this computer is on a domain, using the right password will skip the domain lookup and verify against the cached credentials. If it can't use a cached credential then it has to contact a domain controller, which has several handshakes involved (Kerberos and LDAP at the minimum).

Solution 3:

Most OSes (linux and windows are good examples) enforce a retry delay in order to prevent someone from scripting a login to the server and potentially brute forcing or locking out an account without a delay that will (potentially) allow the attempt to get noticed by someone getting failed login alerts. In addition the method of authentication (domain vs local) also has a performance hit on the authentication. Note that in the case of domain passwords the password is verified twice if it fails on a non pdc emulator DC.

Solution 4:

It 's deliberate.

If you miss it 2 or 3 time, it stole less than a minute of your life. But if you try to much, it will take your life.

Solution 5:

I just did a test since I have a similar setup. My machine is Win 7 domain PC, if I am connected to the network my DC is on and enter the password wrong it takes 30 seconds or so to tell me the PW is incorrect. However if I turn my Wifi off or connect to a different network it instantly tells me the password is incorrect. Probably a mix of what Chris S said below and communication between the Domain controller and PC.