- New option to present anonymized scan results (for privacy concerns).
- Support for scanning multiple Active Directory domains.
- Support for scanning multiple organizational units.
- Updated compliance reports for CJIS, HITRUST CFS, NIST, PCI V4, NCSC, BSI, ANSSI, and CNIL.
- New report Delegable Admins to show admin accounts that can be delegated (not having "account is sensitive and cannot be delegated" set).
- New report Stale User Accounts, showing users who have not logged in recently.
- Improved export of duplicate passwords report, with grouping of the duplicate passwords.
- Added Expiration and Password last set to the breached passwords report.
- For policies with SPP length-based password aging, presented policy information could be incorrect.
Released November 03, 2022
- New "Password Age" report, useful to determine which users have not changed passwords after a known breach.
- PDF reports now available in French.
- PDF reports now available in German.
- The blank passwords and identical passwords report were not displayed if no breached password list had been downloaded.
- Added "last password change" and "time until password expires" to the breached passwords report.
- Changed the default PDF report filename to include more information about the report options.
Released March 30, 2022
- The Identical passwords report has been made easier to navigate.
- Relative strength now uses entropy.
Released May 04, 2021
- New report to show users with ‘Password never expires’.
- New hostname for Breached Password Protection, see Installation (section Requirements)
- Added index for same password report for readability.
- Changed to save last download folder to per-computer rather than per-user, to avoid having multiple users on the same computer download the same list to different locations.
Released September 16, 2020
- Fixed an issue where some reports were displayed even though data had not been collected for them.
Released July 20, 2020
- Added PDF reporting, summarizing password security related findings.
- Added option to select root for scanning, when not scanning the entire Active Directory.
- Compliance report could fail to include dictionaries.
Released July 8, 2020
- Due to the unprecedented global impact of COVID-19, Specops Software has enabled full functionality in Specops Password Auditor even with a trial license, enabling organizations to identify users who are running compromised/identical passwords on their AD accounts.
- Additionally we have extended the ability to review the Expiring Passwords report up to a year in advance so that you can easily identify users whose passwords may expire while they are off the corporate network during the current global pandemic.
- Installation could fail if .Net framework 4.8 was installed.
Released March 24, 2020
- Fixed an issue where scanning users could fail and stop the entire scan process.
Released February 20, 2020
- Improved offline scan workflow (see Offline Scans for more information).
Released December 11, 2019
- Added export option for all users with leaked passwords.
- Fixed an issue where the back navigation could fail after downloading a dictionary.
Released October 16, 2019
- Fixed an error that could happen if the user who is running SPA does not have permission to read users’ security group memberships.
- Improved error handling if some password hashes cannot be read from the domain controller.
- Changed the structure of the Identical Passwords report to use two levels for increased performance.
- Improved performance when reading user details.
- Improved error messages when failing to access the Breached Password Protection Express online service.
Released August 12, 2019
- In some environments, looking up a user’s password hash could fail.
Released July 29, 2019
- Added SamAccountName information to multiple reports.
- Added email address information to the export of multiple reports.
- Added distinguishedName information to the export of multiple reports.
- In some scenarios, dictionary download timeouts caused the Breached Password Protection scanning to fail.
- The Identical Passwords report will now export all accounts instead of 50 accounts per group.
- Responsiveness improvements when the Breached Password Protection scanning is cancelled (either manually or automatically due to an error).
- Added configuration to enable SPA to use the default proxy when downloading the Breached Password Protection Express dictionary.
- Improved the error message that is displayed if something goes wrong when scanning Active Directory.
Released June 19, 2019
New report that identifies user accounts with passwords that are
known to be leaked. This feature compares the password hashes of
user accounts with a list of leaked passwords from the Specops
Password Breached Password Protection.
- Note: For full feature functionality, you will need a license for Specops Breached Password Protection.
- New report that identifies user accounts that have the same password.
- New report that identifies user accounts with blank passwords (no password).
Released June 12, 2019
- Fixed issue where scanning stopped if the “Password Settings” container for fine grained password policies was missing.
- Fixed issue with writing default application settings in registry.
- Registry writing from x86 installer on x64 OS was incorrect.
- Improved error process if scanning fails.
Released May 5, 2017