Your organization’s environment must meet the following system requirements:

  • .NET 4.7.2 (recommended)
  • Server 2012 or above (or Windows 8 and above if running on a workstation)
  • Must be Domain Joined and able to contact a domain controller
  • No Particular RAM/CPU/Disk requirements, but must be x64 with at least 5GB free space for the Breached Password Protection Express Database.

Whitelisted URLs

To use Breached Password Protection, Specops Password Auditor must have access through proxy/firewalls to the following URLs:


For checking the certificate, access through proxy/firewalls is necessary to:



To get started with Specops Password Auditor:

  1. Download Specops Password Auditor from here. If you are a Specops Password Policy customer, and are running version 6.6.17034.1 or higher, you can access Specops Password Auditor from the Domain Administration Tool.
  2. Double click the Specops Password Auditor installer to launch the Setup Wizard.
  3. Click Next to start the installation, and Finish when complete.
  4. Open the tool.
  5. Click Start.
    if you are running Specops Password Auditor without a Specops Password Policy Breached Password Protection license, you will be presented with a window giving you the option to import a specialized Specops Password Auditor license (this can also be done by clicking the Import License link on the Start page). Clicking No here will run Specops Password Auditor in a limited capacity. You will see a summary of user accounts using leaked passwords. With a Specops Password Policy Breached Password Protection license, you can get additional details on the user accounts.
  6. You will be presented with an option to run the scan against a large list of vulnerable passwords. You can:
    1. Skip the Breached Password Protection scan.
    2. Use a local version of the password list. Select this option if you have previously used the Breached Password Protection scan, and the version of the local files and latest version are the same.
    3. Copy the password Breached Password Protection list from the domain (from SysVol). Select this option if you are already running Specops Password Policy with a Breached Password Protection license.
    4. Download the latest version of the password list. Select this option if this is your first time running the Breached Password Protection scan, or the local files were published before the latest version.
  7. Click Start Scanning.
  8. Click Show Result to view the collected information.