Password Security Auditing

The Authlogics Password Security Auditing solution is designed for CISOs and network administrators who, for compliance and security reasons, need to know how vulnerable their Active Directory is, to identify any password-based attacks, and want a thorough report detailing the risks and issues. The Active Directory password security audit process is quick and non-intrusive. It checks for previously breached and shared passwords and highlights compliance issues against the NIST SP 800-63B password policy standard.

Unlike traditional penetration testing tools, which can spend 3-5 days attempting to brute force only the simplest of passwords on a subset of accounts, our solution examines every single user account, regardless of how long or complex the password is, to provide an accurate compliance report covering every user account in under an hour.

Audit Report Examples
  • Takes minutes, not days
  • Password Audit and Risk report
  • Identifies people using AD passwords on other web sites
  • Finds accounts sharing the same password
  • Passwords & hashes never leave the network
  • Per user spreadsheet breakdown
  • Read-only, no downtime or reboots
  • Can be run remotely

How does the audit work?

The password audit is performed by simply running our audit tool on a PC on your network. The audit tool will read the AD user account and password hash data from all existing user accounts and then analyse it against data stored in our Authlogics Password Breach Database of over 4 billion breached credentials to determine which accounts are currently using a known breached password. This process is extremely quick compared to traditional password audit methods as no brute-forcing is required. The audit can be run remotely with your full visibility, or one of our partners may be able to perform the audit on site.

The password audit tool will also look for similar email addresses where the same breached password has been used, which may indicate that they belong to the same person. This is useful for highlighting users who reuse their AD password on other websites and external systems, which is a very risky practice.

A very common problem with AD passwords is that people share them with colleagues even though company policy prohibits it. This behaviour significantly lowers accountability, which most compliance legislation requires. It is also all too common to find administrators who use the same password on their admin account as on their day-to-day account, which goes against security best practice. The audit tool will also locate these accounts.

Your passwords and their hashes are kept private at all times as they never leave your network. The password audit tool uses K-anonymity technology, sending only the first 6 characters of the 32-character password hash to our Password Breach Database when looking up results. That way we never know which password you are looking up.
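The two checks described above, shared-password detection across accounts and the K-anonymity prefix lookup, as an added illustration that is not the Authlogics tool's own code. It assumes the 32-character hash is the NT hash already read from AD, and both the account list and the breach database are constructed sample data.

```python
from collections import defaultdict
from typing import Dict, List, Tuple

PREFIX_LEN = 6  # only these characters of the 32-char hash leave the network

# Constructed sample of accounts and their 32-hex-char NT hashes as read from AD.
# These are made-up values, not hashes of real passwords.
ACCOUNTS: Dict[str, str] = {
    "alice":     "a1b2c3000000000000000000000000f1",
    "bob":       "a1b2c3000000000000000000000000f1",  # same password as alice
    "carol":     "d4e5f6111111111111111111111111a2",
    "dave":      "a1b2c3999999999999999999999999b3",  # same prefix as alice, different password
    "admin-bob": "a1b2c3000000000000000000000000f1",  # admin account reusing the day-to-day password
}

# Constructed stand-in for the Password Breach Database: full hash -> breach count.
BREACH_DB: Dict[str, int] = {
    "a1b2c3000000000000000000000000f1": 12000,
    "a1b2c3777777777777777777777777c4": 3,
    "d4e5f6000000000000000000000000d5": 40,
}

def breach_db_lookup(prefix: str) -> List[Tuple[str, int]]:
    """Server side of the K-anonymity lookup: it sees only the 6-char prefix and
    returns every matching suffix with its count, so it never learns which of
    the candidates the client actually holds."""
    assert len(prefix) == PREFIX_LEN
    return [(h[PREFIX_LEN:], n) for h, n in BREACH_DB.items() if h.startswith(prefix)]

def breached_count(nt_hash: str) -> int:
    """Client side: send the prefix, then match the remaining 26 chars locally."""
    nt_hash = nt_hash.lower()
    for suffix, count in breach_db_lookup(nt_hash[:PREFIX_LEN]):
        if suffix == nt_hash[PREFIX_LEN:]:
            return count
    return 0  # not in the breach database

def shared_password_groups(accounts: Dict[str, str]) -> List[List[str]]:
    """Accounts whose NT hashes are identical share a password (no cracking needed)."""
    by_hash = defaultdict(list)
    for name, h in accounts.items():
        by_hash[h.lower()].append(name)
    return sorted(sorted(names) for names in by_hash.values() if len(names) > 1)

def audit(accounts: Dict[str, str]) -> Dict[str, int]:
    """Per-account breach count, the basis of the per-user spreadsheet."""
    return {name: breached_count(h) for name, h in accounts.items()}
```

Note that `dave` shares a prefix with `alice` and so appears in the same server response, yet only the local suffix comparison decides that his password is not breached.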

The audit result will include various spreadsheets detailing results on a per-user basis, with which you can action the problems found. A full PDF audit report with risk analysis will also be generated and sent to you afterwards.

Book an audit today

Fill in your details and a member of our team will get in touch with you to answer any questions you may have and to book a password audit time slot.

To perform an Active Directory password audit you will require the following:

  • Domain Administrator credentials
  • A Domain-joined Windows PC with .NET 4.6.2
  • Internet connectivity