Specops Password Auditor – verification of passwords and password policies

The assignment of strong passwords is of elementary importance in every network to ensure a certain level of security. An important prerequisite for assigning passwords is the password guidelines, which can be assigned centrally for the Active Directory.

The users must then comply with these specifications and their passwords must comply with the specified guidelines (number of characters, lower / upper case letters, special characters, etc.).

The company Specops has specialized in this password security and we would like to introduce you today to a free tool that you can use to check your password guidelines and user passwords. You can use the

Specops Password Auditor

download and install. This tool is a read-only tool and only reads the data from the Active Directory and then processes it locally. No information about Specops is sent.

Immediately after starting the password checker, you have to enter the domain name and a domain controller. The tool also reads this data beforehand and usually suggests the correct data.

Specops Password Auditor launch

You can then download so-called blacklist password files. This gives you the opportunity to check the passwords of AD users against 1 billion compromised passwords and thus to determine whether users should change their password for security reasons.

If you use this blacklist function, the next step will be to download over 250 files with a total of more than 4.5GB of data to insecure passwords. In addition, you can also specify a folder in which the passwords blacklist files should be saved.

The following figure shows the status of the blacklist download and the scanning process of the Active Directory. Depending on the size of the Active Directory and the possible download of the blacklist files, this process can take a few minutes.

Specops Password Auditor Blacklist scanning

After the AD scan has been carried out, you will be shown the results of the security scan. Here you can see how many users may be using a compromised password and which users are using the same Windows passwords.

On the second page, “expired passwords” and the existing password guidelines from the queried Active Directory are discussed in more detail.

Specops Password Auditor Results Part 2

With this tool you have the possibility to check the used passwords and password guidelines of your network very quickly and easily and then to take the appropriate measures to eliminate any password security gaps. The Specopy Password Auditor can be updated at any time free of charge and the provider also updates the blacklist files again and again.