Audit Your Active Directory

With a free, read-only scan from Specops, you can audit your active directory for 800M+ breached passwords & more

Read-only scan of your ad environment

The Specops Password Auditor is a read-only tool that scans your Active Directory and identifies password-related vulnerabilities.

The collected information generates multiple interactive reports containing user and password policy information. Plus, you get an exported version to share with stakeholders.

Did you know over 80% of breaches result from compromised passwords?

Passwords are the first line of defense against cyber attacks. Check your AD for over 800 million known breached passwords. Plus,

  • Align password policies with standards
  • Audit Active Directory accounts
  • Generate reports to identify accounts with password vulnerabilities, including expired passwords, identical passwords, blank passwords, and more

Use Specops Password Auditor

0 m+
Breached Passwords

Sources like Have I Been Pwned, honeypots, and open source lists help us keep a massive and up-to-date database of breached passwords.

This free password audit scan checks for 750M+ known breached passwords in your AD infrastructure and regularly updates.

check image
0 +
Businesses Protected

Thousands of organizations, from local municipalities to Fortune 500s, trust their password security to Specops Software. Even more are using the free tools to prove a need for additional security measures.

See our Case Studies page for more information. 

Countries Worldwide

Our capabilities span across language barriers. Specops has interface available in multiple languages including English, German, French, Spanish, Japanese, simplified Chinese, and many more.

With Specops there’s no limit to who can benefit from advanced cyber security tools. 

Active Directory Audit Fast Facts

Yes, no strings attached.

There are also no affiliate adverts, or anything annoying like you usually find in freeware. The only limitation is it’s a report, we can’t help you actually fix anything (that’s a manual task). 

Specops Password Auditor will not make any changes to your data, it’s purely read-only so any subsequent actions – like asking users with breached passwords to change them – will need to be done manually.

You may also choose to run Password Auditor on your entire Active Directory or just a portion of it. 

Specops Password Auditor does NOT report any data back to Specops either, so apart from downloading the installer, and the 5GB database, you can run this on a computer just fine without an internet connection.

Quite the opposite… this tool isn’t cracking anyone’s password, it’s purely temporarily extracting the hashes. In fact, it uses the same methods to do this as AD replication does. So, no rules are being broken, and we’re not accessing any data that isn’t already available to a domain admin level account. None of the data or reporting gets sent to Specops at all, it’s all in your own environment. 

Over 750 million breached passwords.

At Specops we have a team dedicated to compiling the latest breached password in to a database of over 2.5bn and our SPA breached database is a subset of that. Unlike open sources, our lists are updated extremely regularly. We also have advanced honeypots running to update the known password list continuously. 

Run a Free Specops Active Directory Audit Today

Read what the IT Security community is saying

Tech Genix Gold Award
4sysops Logo

“This is probably one of the best freeware tools available to review password policies, compare and benchmark with others as well be able to audit the administration of password policy. It also helps generate reports that show weak passwords that are vulnerable as well as expired passwords and enhance password security.”

Capterra Reviewer – 5/5 Rating

“The software works flawlessly, the documentation is well written (not that you will need it), the software is easy to use, you can get it for free, and most importantly, it does something useful. I simply cannot justify giving Specops Password Auditor anything other than a well deserved perfect score.”

Brien Posey – Techgenix

“I was impressed with Specops Key Recovery for BitLocker, the management portal, and the support I received when I raised several queries for clarification on how things worked.”

Robert Pearman – Microsoft MVP review on