This website uses cookies to ensure you get the best experience on our website. Learn more
Audit your Active Directory
Authentication and password security is more important than ever – but how do you fix a vulnerability you can’t see? Specops Password Auditor gives you the visibility you need to start remediating access security risks. A full audit of your Active Directory is the first step towards better password security, giving you an easy-to-understand view of password-related risks that could be access routes in waiting for opportunistic hackers.
-
Audit your Active Directory accounts
- Check user accounts and passwords against 1 billion vulnerable passwords obtained from data breach leaks?
- Scan for weak and compromised passwords that could be used as entry points by attackers?
- Audit your domain for stale or inactive privileged administrator accounts??
-
Analyze risk with password reports
- Assess your domain password policies and fine-grained password policies to see if they’re enforcing users to create secure passwords?
- Identify accounts with expired passwords, identical passwords, blank passwords, and more?
- Measure the effectiveness of your policies against brute force attacks?
-
Align password policies with compliance standards
- Measure your policies against industry standards and get a compliance score??
- Comply with cybersecurity regulations (e.g. NIST, CJIS, NCSC, ANSSI,) and privacy regulations (e.g. CNIL, HITRUST, PCI) ?
Features
Auditing is the place to start your journey towards better password security. We’ve developed Specops Password Auditor to help organizations easily understand the problem they’re facing.
- Overview of relative strengths of password policies including change interval and dictionary enforcement
- Generate an executive summary PDF report to share your results with decision makers (available in English, French, or German)
- Identify accounts using passwords from a list of over 1 billion compromised passwords
- Export report data to CSV for further processing
- Identify user accounts without a minimum password length requirement
- Review administrator accounts and rights to help with least privilege implementation
- Use standalone or integrate with Specops Password Policy for powerful management and remediation
- Identify users who have not changed their password since a given date to help with a reset password directive or new password policy
- Password expiration reports to curb password-related helpdesk calls
- Identify dormant, stale, and inactive user accounts
Specops Password Auditor provides a quick an easy method to get a view of how your organization is complying with company password policy. The drill downs allow me to view the information that is most important.
Sr. Infrastructure Analyst
Amazing lightweight tool which can be installed and used within minutes, provides key security information on what your users are doing with there password decisions and also there inactivity. Creates actionable spreadsheets and pdf’s so you can target the users who are using breached passwords.
Infrastructure Engineer
Capterra customer reviews
See what satisfied customers on Capterra had to say after buying and deploying Specops Password Auditor.
Download Specops Password Auditor for free
Weak password security can create thousands of potential attack routes into your organization. Audit your Active Directory today and get a view of your password-related vulnerabilities.
Download free tool
Frequently Asked Questions
How does Specops Password Auditor work?
Specops Password Auditor will run a read-only scan of your Active Directory network. You can scan custom root, multiple OUs, or multiple trusted domains at once. You can also choose to anonymize username data in your results. Once your scan is complete, you can export results to a CSV or download an executive summary PDF to share with others. You can find more information on how to audit your Active Directory here.?
What are the installation requirements?
Specops Password Auditor can run from any domain joined workstation (Windows 8 and above, or Server 2012 and above), either as a regular user, or as a domain admin. For a full list of the requirements, please refer to the installation guide.?
Can Specops Password Auditor help me with compliance?
Yes. Specops Password Auditor can compare password settings in your organization with industry standards, including: NIST, CJIS, PCI, HITRUST, NCSC, CNIL, ANSSI, and BSI.?
Does Specops Password Auditor store my data?
No. Specops Password Auditor is a reporting tool. It will only read information from Active Directory without making any changes. For more information, see Impact of running Specops Password Auditor on Active Directory
Can the audit show me how strong my password policies are?
Yes. Specops Password Auditor flags issues that impact how well your password policies defend against attacks like the use of compromised passwords and more. For a specific strength rating, you can see an entropy rating for each scanned password policy.
I need to discuss my results with a colleague, how can I share my results within my organization?
You can share results at your discretion via a report export. You can download an overview of results via the Executive Summary report or you can export individual report results to CSV. Before sharing, you may want to consider configuring your scan to run with anonymous user data. Alternatively, if your colleague has appropriate privileges, you can direct them to download and run Password Auditor themselves.
Does this show me people’s passwords?
No. The reports only flag which accounts have passwords issues but don’t reveal the password itself. Only one-way encrypted password hashes are compared, the product contains no link between hashes and plain text passwords, and no passwords are revealed.
How does the breached password check work?
Specops Password Auditor compares hashes from your AD to hashes in the downloaded Breached Password list.
The Breached Passwords report does not use clear text passwords. The MD4 hashes of the compromised passwords are compared to the hashes of the passwords from the domain. The hashes are not stored, they are read and kept in memory by Specops Password Auditor.
How do I fix the issues found in my results?
The executive summary report export includes advice on how to resolve specific issues in your scan. It also includes some severity ratings and an overall password vulnerability score to help you prioritize your fixes. For a proactive approach against breached passwords, use Specops Password Policy’s Breached Password Protection to actively block and prevent the use of breached passwords.
Downloads and resources
- Nine ways MFA can be breached (and why passwords still matter)?
Of all the access security recommendations you come across, multi-factor authentication (MFA) is arguably the most consistent. And there’s good reason many best practice recommendations and compliance frameworks now place MFA at the top of the list of security configurations needed to help protect against compromise. According to Microsoft, MFA can block 99% of account… - Impact of running Specops Password Auditor on Active Directory
Many organizations use Specops Password Auditor (SPA), Specops Password Policy (SPP), and Breached Password Protection (BPP) to help improve the security and password hygiene of their Active Directory (AD). They often run SPA first. Why not? It’s free (download from here)! This tool gives you a good understanding of how bad the problems are with…
Free Active Directory Auditing Tool!
| 肌酐偏高是什么意思 | 什么是慢性病 | 玻璃属于什么垃圾 | 三叉神经痛用什么药 | 结婚十年是什么婚 |
| 手腕疼挂什么科 | 糙皮病是什么病 | jeep是什么意思 | 舌苔白厚腻吃什么药见效快 | 饺子是什么意思 |
| 李白字什么 | 蚰蜒吃什么 | 社会是什么意思 | 喝豆浆有什么好处 | 为什么会遗精 |
| 反流性食管炎有什么症状 | 舌头有麻木感什么原因 | 打了狂犬疫苗不能吃什么 | 为什么耳朵总是嗡嗡响 | sap是做什么的 |
| 处女座是什么hcv8jop4ns6r.cn | 憨厚老实是什么意思cl108k.com | 寒门子弟是什么意思hcv7jop7ns4r.cn | 微信什么时候有的huizhijixie.com | 旺是什么生肖hcv9jop3ns0r.cn |
| 吴亦凡什么学历hcv7jop7ns1r.cn | 三月十二是什么星座hcv9jop6ns8r.cn | 胃疼可以吃什么药hcv8jop2ns8r.cn | 吃什么改善睡眠jingluanji.com | 湿气重吃什么水果hcv9jop7ns2r.cn |
| 家庭长期饮用什么水最好hcv9jop8ns2r.cn | 回盲部憩室是什么意思hcv9jop4ns9r.cn | 小孩肚子疼是什么原因hcv8jop9ns4r.cn | 4是什么生肖youbangsi.com | 为什么会长丝状疣hcv9jop1ns1r.cn |
| 什么时候放假hcv9jop3ns4r.cn | 吃什么能丰胸hcv9jop5ns1r.cn | 剖腹产后吃什么hcv8jop0ns4r.cn | 朱元璋代表什么生肖hcv9jop6ns0r.cn | 胆囊肿是什么病严重吗hcv8jop4ns3r.cn |