Free Active Directory Password Audit​

Authentication and password security is more important than ever.

With over 80% of breaches resulting from compromised passwords, accounts using leaked passwords are an entry point for attackers. 

Our password audit tool scans your Active Directory and identifies password-related vulnerabilities to resolve.

Via an interactive dashboard you can analyse the data or export to an executive level summary.

Specops Password Auditor is a read-only program, and available for FREE download.

0 m+
Breached Passwords

We have a team dedicated daily to compiling breached password lists from live attack data using honeypots as well as popular sources such as HaveIBeenPwned (HIBP).

Free Password Auditor uses a 750m subset of our current database exceeding 2 billion.

0 +
Businesses Protected

We are proud to work throughout the UK & Ireland protecting businesses ranging from FTSE 100/250, government organisations and SME’s since 2001.

0 +
Countries Worldwide

Headquartered in Stockholm, Sweden with additional offices in the US, Canada, the UK, and Germany, Specops password security and authentication solutions are used across the globe work with customers across the globe and support multilingual user interface.


Audit AD accounts

Audit Active Directory For Vulnerabilities

Our password audit tool scans and checks passwords of the user accounts against a list of vulnerable passwords obtained from multiple data breach leaks. It also provides a full view of the administrator accounts in an organisation’s domain, including stale/inactive admin accounts. 

Get password reports

Interactive Dashboard & Reports

From a single view, you can identify vulnerabilities that can assist you with your security plan.  

Using the interactive dashboard you drill-down and analyse the data, export to .csv or generate an executive level summary in PDF.


Align password policies with standards

Specops Password Auditor generates comparison reports of the password settings in your organization, with industry standards and compliance standards from NIST, PCI, Microsoft, and SANS.


Specops Password Auditor will not make any changes to your data, it’s purely read-only so any subsequent actions – like asking users with breached passwords to change them – will need to be done manually. You may also choose to run Password Auditor on your entire Active Directory or just a portion of it.
Specops Password Auditor does NOT report any data back to Specops either, so apart from downloading the installer, and the 5GB database, you can run this on a computer just fine without an internet connection.
Quite the opposite… this tool isn’t cracking anyone’s password, it’s purely temporarily extracting the hashes. In fact, it uses the same methods to do this as AD replication does. So, no rules are being broken, and we’re not accessing any data that isn’t already available to a domain admin level account.
Yes, no strings attached. There are also no affiliate adverts, or anything annoying like you usually find in freeware.
Troy Hunt’s HIBP tool is an excellent resource with over 600m pwned passwords, however this list was last updated in November 2020. At Specops we have a team dedicated to compiling the latest breached password in to a database of over 2.5bn and our SPA breached database is a subset of that.

Password Auditor Industry Reviews

Tech Genix Gold Award
4sysops Logo

“This is probably one of the best freeware tools available to review password policies, compare and benchmark with others as well be able to audit the administration of password policy. It also helps generate reports that show weak passwords that are vulnerable as well as expired passwords and enhance password security.”

Capterra Reviewer – 5/5 Rating

“The software works flawlessly, the documentation is well written (not that you will need it), the software is easy to use, you can get it for free, and most importantly, it does something useful. I simply cannot justify giving Specops Password Auditor anything other than a well deserved perfect score.”

Brien Posey – Microsoft MVP

“For Windows systems administrators, Specops Password Auditor is a must-have utility. You can’t beat the price (free), and if the tool helps you spot just one previously unknown high-privilege account, then the tool has given your business tremendous value.”

Timothy Warner – Microsoft MVP

Run Your Free Scan Today

Specops Password Auditor is a read-only program, no data is shared externally and available for FREE download, no strings attached.

About Specops Software

Specops Software is the leading provider of password management and authentication solutions. Specops protects your business data by blocking weak passwords and securing user authentication. With a complete portfolio of solutions natively integrated with Active Directory, Specops ensures sensitive data is stored on-premises and in your control. Specops Software was founded in 2001 and is headquartered in Stockholm, Sweden with additional offices in the US, Canada, the UK, and Germany.

Specops Software is Gold Microsoft Partner within Application Development, Application Integration, and Cloud Productivity and Silver within Content and Collaboration and Small and Midmarket Cloud Solutions.

Specops Software Ltd are Cyber Essentials certified, guarding against the most common cyber threats and demonstrating commitment to cyber security