Administration | Reporting

There are three ways to view reports in Specops Password Auditor: as a screen report, as a .csv file, or as a PDF report.

Screen Report

When you have run the scan (as described in the main Administration section) and clicked on Show Results, you will be presented with an overview of interactive reports containing user and password policy information. The individual reports can be accessed by clicking on them to reveal additional, more detailed information.

Blank Passwords

Shows a tabled list of user accounts with blank passwords.

Breached Passwords

Shows a tabled list of accounts that have passwords that are known to have leaked.

Identical Passwords

Provides a tabled list of groups of accounts that share the same password. Clicking on any cell will reveal a table with all the accounts in that particular group.

Admin Accounts

Provides a tabled list of accounts with admin privileges.

Stale Admin Accounts

Shows a tabled list of admin accounts that have not been accessed for a specific period of time. To adjust the time period since the last activity (from 30 to 360 days from the present), use the slider at the top.

Password Not Required

Shows a tabled list of user accounts that either have the control flag for not requiring a password set, or are affected by a password policy that does not specify a minimum password length.

Expiring Passwords

Provides a list of all accounts with information on when the password for the account is set to expire within a certain time frame. The time until expiration can be set by adjusting the slider at the top, from 10 to 365 days from report generation. The list can be viewed as a table or a chart. Toggle between the two views by selecting the desired view in the View dropdown at the top.

Expired Passwords

Provides a tabled list of all passwords that have been expired for an extended period of time. By default, accounts with the flag “User must change password at next logon” set are excluded in the list. To include these accounts, select the radio button at the top.

Password never expires

Provides an overview of accounts that have their passwords set to never expire. These can be more vulnerable to attack if the user is reusing this password elsewhere.

Password Policies

Priovides an overview of your password policies per domain and GPO, including information on their change interval, whether or not they use dictionaries, and their relative strengths. Relative strength measures the effectiveness of the policy in resisiting brute-force attacks.

Password Policy Usage

Provides a graphical display of users affected by each password policy.

Password Policy Compliance

Provides an overview per domain and GPO of their compliance with specific industry requirements and recommendations,

CSV Reports

For every individual report generated after a scan, a .csv export can be generated. To generate a .csv report do the following:

  1. Click on the report in you want to create a report for.
  2. Click on Export at the top.
  3. Navigate to the place you want to save the report on your system, provide a name for the file, and click Save.
PDF Reports

Aside from .csv exports for individual reports, a PDF report can be generated for the entire scan.

  1. On the report overview page, click Get PDF Report at the bottom.
  2. Indicate the correct file path where the report should be saved on your system by clicking the Browse button and navigating to the correct place.
  3. Choose your paper size (A4 or Letter)
  4. Choose the report type:
    1. Full: gives a summary overview of all reports in addition to the individual reports. All individual reports are accompanied by a summary as well.
    2. Summary: only gives a summary report of all reports.
  5. Click Generate.