Ryan Bolger

Ryan Bolger

Adventures In Tech

Posh-ACME 3.6.0

New plugins and self-hosted http challenges

Ryan Bolger

Just shipped a new Posh-ACME release, version 3.6.0. This one has a bunch of new stuff including new plugins for Domeneshop, Dreamhost, EasyDNS, and freedns.afraid.org. The other big addition is a new function called Invoke-HttpChallengeListener which can be super handy for people doing HTTP challenges. It’s basically a self-contained webserver that will respond to requests for the HTTP challenges in your order so you don’t have manually deal with making the challenge files…

Auditing Active Directory Passwords With PwnedPassCheck

Make sure users aren't using compromised passwords.

Ryan Bolger

In a previous post, I introduced a new PowerShell module called PwnedPassCheck. It can be used to check passwords and hashes against a list of over half a billion compromised passwords exposed in data breaches thanks to Troy Hunt’s incredibly useful haveibeenpwned.com. In this post, I’ll demonstrate how to use the module in conjunction with Michael Grafnetter’s amazing DSInternals module to quickly audit existing passwords in Active Directory against the compromised list.

New Module: PwnedPassCheck

Checking if passwords or hashes have been compromised.

Ryan Bolger

Troy Hunt’s incredibly useful haveibeenpwned.com is a great way to check whether your email address and other personal information was exposed in a data breach. But it also allows you to separately check if a specific password was exposed in a breach. As of version 5, the data set contains over half a billion compromised passwords and the number of times they’ve been seen in data breaches. My PwnedPassCheck module lets you query that data easily via PowerShell.

Recent posts

See more