Current Release: 7.6.21124.1
- The Identical passwords report has been easier to navigate.
- Relative strength now uses entropy.
Released May 04, 2021
- New report to show users with ‘Password never expires’.
- New hostname for breached password protection, see Installation (section Requirements)
- Added index for same password report for readability.
- Changed to save last download folder to per-computer rather than per-user, to avoid having multiple users on the same computer download the same list to different locations.
Released September 16, 2020
- Fixed an issue where some reports were displayed even though data had not been collected for them.
Released July 20, 2020
- Added PDF reporting, summarizing password security related findings.
- Added option to select root for scanning, when not scanning the entire Active Directory.
- Compliance report could fail to include dictionaries.
Released July 8, 2020
- Due to the unprecedented global impact of COVID-19, Specops Software has enabled full functionality in Specops Password Auditor even with a trial license, enabling organizations to identify users who are running compromised/identical passwords on their AD accounts.
- Additionally we have extended the ability to review the Expiring Passwords report up to a year in advance so that you can easily identify users whose passwords may expire while they are off the corporate network during the current global pandemic.
- Installation could fail if .Net framework 4.8 was installed.
Released March 24, 2020
- Fixed an issue where scanning users could fail and stop the entire scan process.
Released February 20, 2020
- Improved offline scan workflow (see Offline Scans for more information).
Released December 11, 2019
- Added export option for all users with leaked passwords.
- Fixed an issue where the back navigation could fail after downloading a dictionary.
Released October 16, 2019
- Fixed an error that could happen if the user who is running SPA does not have permission to read users’ security group memberships.
- Improved error handling if some password hashes cannot be read from the domain controller.
- Changed the structure of the Identical Passwords report to use two levels for increased performance.
- Improved performance when reading user details.
- Improved error messages when failing to access the Breached Password Protection Express online service.
Released August 12, 2019
- In some environments, looking up a user’s password hash could fail.
Released July 29, 2019
- Added SamAccountName information to multiple reports.
- Added email address information to the export of multiple reports.
- Added distinguishedName information to the export of multiple reports.
- In some scenarios, dictionary download timeouts caused the Breached Password Protection scanning to fail.
- The Identical Passwords report will now export all accounts instead of 50 accounts per group.
- Responsiveness improvements when the Breached Password Protection scanning is cancelled (either manually or automatically due to an error).
- Added configuration to enable SPA to use the default proxy when downloading the Breached Password Protection Express dictionary.
- Improved the error message that is displayed if something goes wrong when scanning Active Directory.
Released June 19, 2019
- New report that identifies user accounts with passwords that are known to be leaked. This feature compares the password hashes of user accounts with a list of leaked passwords from the Specops Password Breached Password Protection.
- Note: For full feature functionality, you will need a license for Specops Password Breached Password Protection.
- New report that identifies user accounts that have the same password.
- New report that identifies user accounts with blank passwords (no password).
Released June 12, 2019
- Fixed issue where scanning stopped if the “Password Settings” container for fine grained password policies was missing.
- Fixed issue with writing default application settings in registry.
- Registry writing from x86 installer on x64 OS was incorrect.
- Improved error process if scanning fails.
Released May 5, 2017