Active Directory weak password checker

How do you know if there is a weak password configured in Active Directory? For auditing and security-wise, it’s essential to have strong passwords. We recommend using an Active Directory weak password checker. In this article, you will learn how to audit with an Active Directory weak password finder tool.

Check Active Directory weak passwords

The product that we are going to talk about is Enzoic for Active Directory Lite. The tool scans for common passwords, passwords found in cracking dictionaries, and passwords that have been previously breached and exposed online. It also finds passwords reused within your organization. It’s a lightweight version of Enzoic for Active Directory, suitable for performing a quick audit using Enzoic’s proprietary database of 7+ billion exposed passwords.

Installing Enzoic for Active Directory Lite

Go to the following page and download Enzoic for Active Directory Lite. The download is 8 MB in size, and it’s a FREE product. Installing the application is very fast, with a couple of clicks. I will show the steps below.

After saving the file to the system, right-click and select Run as administrator.

The welcome screen of Enzoic for Active Directory Lite shows up. Click Next.

Accept the license agreement and click Next.

Keep the default installation folder and click Next.

Click Install to begin the installation.

The setup finished. A desktop shortcut is created on the desktop and in the start menu. Click Finish to close the setup wizard, and it will launch Enzoic for Active Directory Lite.

Didn’t we tell you that the setup is fast and easy to follow? In the next part, we will see the application in action.

Check Active Directory weak passwords

After we clicked Finish in the last part, the check for weak or compromised password window shows up. Click Check Now.

Enzoic for AD Lite will check for weak or compromised passwords in the Active Directory domain.

After it’s finished with scanning, the user information window is showing. Fill in your information, and click Show Results.

Active directory weak password checker results

After scanning the Active Directory with the database of Enzoic, the results are showing.

In my example, there are no weak or compromised passwords. However, there are user accounts that use the same passwords. That is not good to see. It’s good to inform the users to change their Active Directory password.

Close the Enzoic application. In the next step, we are going to check Active Directory weak passwords.

Active directory weak password checker testing

I want to test the Enzoic Active Directory password checker. That’s why I changed the password of two user accounts. The new password of Amanda Morgan is Ferrari02. The password of Dylan Piper is Welcome12.

Start Enzoic and check for weak or compromised passwords in the Active Directory domain.

The user information is already filled in. If not, fill it again and click Show results.

After scanning the Active Directory with the database of Enzoic, the results are showing.

This time, the password exposed in breach is showing for both the users.

We can always export the results to CSV and open it with our favorite CSV viewer. I am using Microsoft Excel.

Use the tool to check Active Directory weak passwords. If you notice weak passwords or compromised passwords in Active Directory, change them immediately. After that, inform the users that the password is changed.

Conclusion

In this article, we talked about Active Directory weak password checker. Install the Active Directory weak password finder on the domain controller or management server. Let it check the user account passwords and have a look at the results. If there are user accounts with weak passwords or compromised passwords, change them. Don’t forget to notify the user.

Did you enjoy this article? You may also like to read Bulk create AD Users with random passwords. Follow us on Twitter and LinkedIn to stay up to date with the latest articles.