Ryan Bolger

Adventures In Tech

Auditing Active Directory Passwords With PwnedPassCheck

Make sure users aren't using compromised passwords.

Ryan Bolger

In a previous post, I introduced a new PowerShell module called PwnedPassCheck. It can be used to check passwords and hashes against a list of over half a billion compromised passwords exposed in data breaches, thanks to Troy Hunt’s incredibly useful haveibeenpwned.com. In this post, I’ll demonstrate how to use the module in conjunction with Michael Grafnetter’s amazing DSInternals module to quickly audit existing passwords in Active Directory against the compromised list.

New Module: PwnedPassCheck

Checking if passwords or hashes have been compromised.

Ryan Bolger

Troy Hunt’s incredibly useful haveibeenpwned.com is a great way to check whether your email address and other personal information were exposed in a data breach. But it also allows you to separately check if a specific password was exposed in a breach. As of version 5, the data set contains over half a billion compromised passwords and the number of times they’ve been seen in data breaches. My PwnedPassCheck module lets you query that data easily via PowerShell.
