Active Directory Password Audit

Use our Active Directory banned password list to find out how many of your Active Directory users are using leaked passwords. Run a free read-only scan with Specops Password Auditor today!

Passwords remain the primary way of authenticating users in Active Directory, yet we still can’t stop users from making poor password choices. With many breaches resulting from compromised passwords, accounts using pwned passwords are an entry point for attackers.

Specops Password Auditor allows IT teams to identify risky password usage in the environment. Analyze your domain password policies, and fine-grained password policies, to see if they enable password security. 

Download Specops Password Auditor (FREE)

Specops Password Auditor is read-only and does not store or send your Active Directory data.

Active Directory Password Security Report

Specops Password Auditor can offer a view into your current Active Directory password policies, their scope, and how they stack up against a number of compliance requirements or recommendations.

The results include several interactive reports for you to explore as well as an exportable executive summary PDF report you can share with decision makers who may not share your technical background.

The executive summary includes:

  • An overall score, to help indicate how severe your organization’s password vulnerabilities are
  • Risk levels for each password vulnerability along with a count of the accounts impacted
  • Brief explanations of why each issue is a risk
  • Simple advice on how to fix each issue

Our Active Directory password audit tool is free and runs on Windows Server 2008 and later. Specops Password Auditor will only read information from Active Directory, it will not make any changes. It will read the Default Domain Password Policy, any Fine-Grained Password Policies, as well as any Specops Password Policies (if installed). The audit results are provided in a clickable report, and can be exported to a CSV file for further processing.


  • Overview of Active Directory password policies including complexity requirements
  • Screen passwords against a leaked list and find accounts using pwned passwords
  • Find expired passwords, identical passwords, blank passwords, and more
  • Export an executive summary of Active Directory password vulnerabilities
  • Measure your policies against NIST password requirements
  • Identify dormant user accounts
  • Use standalone or integrate with Specops Password Policy to block leaked passwords

About Specops Software

Specops Software is the leading provider of password management and authentication solutions. Specops protects your business data by blocking weak passwords and securing user authentication. With a complete portfolio of solutions natively integrated with Active Directory, Specops ensures sensitive data is stored on-premises and in your control. Every day thousands of organizations use Specops Software to protect business data.