To perform a password audit, do the following:

  1. Open the tool.
  2. Make sure the correct domain controller is selected in the Scan Roots field. Click Change if you want to change the domain root for scanning.
  3. Check the Anonymize user data checkbox if you do not want to show any usernames in the reports.
    If you don't want to list usernames in reports, e.g. when sharing the report outside the organization, you can anonymize those usernames. USernames will then be represented by generic designations (e.g. "user00001").
  4. Click Start.
    if you are running Specops Password Auditor without a Specops Password Policy Breached Password Protection license, you will be presented with a window giving you the option to import a specialized Specops Password Auditor license (this can also be done by clicking the Import License link on the Start page). Clicking No here will run Specops Password Auditor in a limited capacity. You will see a summary of user accounts using leaked passwords. With a Specops Password PolicyBreached Password Protection license, you can get additional details on the user accounts.
  5. You will be presented with an option to run the scan against a large list of vulnerable passwords. You can:
    • Skip the Breached Password Protection scan.
    • Use a local version of the password list. Select this option if you have previously used the Breached Password Protection scan, and the version of the local files and latest version are the same.
    • Copy the password Breached Password Protection list from the domain (from SysVol). Select this option if you are already running Specops Password Policy with a Breached Password Protection license.
    • Download the latest version of the password list. Select this option if this is your first time running the Breached Password Protection scan, or the local files were published before the latest version.
  6. Click Start Scanning.
  7. Click Show Result to view the collected information.