Are you prepared if a hacker attacks tomorrow?
Audit your passwords to see if there are possible risks to your Active Directory.
It's free, secure and guaranteed safe with 100% encryption.
Know your risk today!
The biggest businesses in different industries trust FastPassCorp


What can you get from the audit?
DOUBLE THE PROTECTION
Know if you have weak passwords in your Active Directory and create a stronger password policy
CHECK FOR WEAK SPOTS
Remove threats and check for weak encryption in your Active Directory
EASY DASHBOARD AND REPORTING
Generate a report on accounts that reuse the same password
ABOVE PAR SECURITY STANDARDS
Compare against database containing millions of breached passwords
ADDITIONAL SUPPORT
Our security experts can provide additional support in helping you run the tool and interpret recommendations

Contact FastPassCorp to discuss solutions to your situation
About the Password Audit Tool
This password auditing tool gives your organization a report that includes an overview of your risk and exposure to the threat by checking for lapses and weak domain passwords in your Active Directory. The tool is free for lifetime use and was developed together with KSS to promote stronger and more secure enterprise passwords. Unlike other time-consuming tools, ours is free, secure, and easy to run and use.
How Secure is this tool?
RATED AS THE BEST FREE PASSWORD SECURITY AUDIT
By security leaders from small to large enterprises
Not sure if you have the right privileges? Send the tool to your IT Infrastructure Team.
You may opt to receive it via your email and forward it to them or let them know directly below.

What you can expect from the Password Audit Results and Recommendations
The following information is provided to help analyze the charts of this password auditing tool and explore recommended solutions to resolve any issues identified. It can also help enhance your existing domain password policy.
Blank passwords are a serious threat to computer security.
A blank password makes the authentication process as weak as simply guessing a username, making a brute-force attack against the account trivial.
Any account found to have a blank password should be given a strong, complex password.
FastPassCorp has a solution to secure the password creation process, ensuring that only strong passwords are chosen by users.
A weak password is one that is either easy to guess given basic knowledge of the user (for example, a birth date or name of a family member), is one that is commonly used (such as 'password' or 'guessme'), or is not complex enough and therefore can be attacked by brute force. All of these characteristics increase the chance of an attacker being able to compromise the password in a short length of time.
A strong password policy should be enforced. FastPassCorp has a solution to secure the password creation process, ensuring that only strong passwords are chosen by users.
Older versions of Windows used a password hashing method known as LAN Manager (LM) hashing. This hashing process was relatively weak, and in turn allowed attackers to turn a hashed password back into its original plain text form with relative ease.
Microsoft provide guidance on this feature and how it can be changed.
Passwords stored using reversible encryption can be extracted from Active Directory by a privileged user and decrypted to reveal the original password.
Microsoft provide guidance on this feature and how it can be changed.
Domain member computers have been found using the default computer password. This would allow an attacker to use the computer account to access Active Directory and gather more information that could be used in an attack.
The machine(s) in question should have their computer passwords updated. Microsoft provide guidance on how this can be performed.
Accounts with the 'password not required' flag can opt to use a blank password. Blank passwords are a serious threat to computer security. A blank password makes the authentication process as weak as simply guessing a username, making a brute-force attack against the account trivial.
Update any account with the 'password not required' flag to require a password. Microsoft provide guidance on this feature and how it can be changed.
FastPassCorp has a solution to secure the password creation process, ensuring that only strong passwords are chosen by users.


Accounts have been found which have password expiration enabled.
Guidance on password expiration differs by sector. Please consult the guidance for your sector (for example PCI-DSS, NIST, etc.).
In the absence of stronger AES encryption keys, weaker encryption methods such as RC4 and DES are used during the authentication process. This potentially allows an attacker to decrypt the network traffic and extract credentials for later abuse.
Microsoft provide guidance on how to enable AES keys.
Without pre-authentication, an attacker is able to make a single request for an authentication token, and then crack the encryption for the token whilst offline.
As there was only a single request made, no suspicious behaviour would show up within the Active Directory security logs.
It is recommended that Kerberos preauthentication is enforced.
For further guidance, please consult an appropriate source.
When it was first implemented, the Kerberos protocol used the DES encryption standard.
This has since been compromised, and its use should be retired where possible.
Microsoft provide guidance on how to disable the use of DES encryption.
Active Directory delegation is a critical part of security and compliance.
By delegating control over Active Directory, you can grant users or groups the permissions they need without adding users to privileged groups like Domain Admins and Account Operators.
Microsoft provide guidance on how this can be configured.
Smart card authentication is a two-step login process that uses a smart card. The smart card stores a user's public key credentials and a personal identification number (PIN), which acts as the secret key to authenticate the user to the smart card.
Microsoft provide guidance on how this can be configured.
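Several of the findings above (password not required, reversible encryption, DES-only keys, missing pre-authentication, missing AES keys) correspond to bits in the account attributes userAccountControl and msDS-SupportedEncryptionTypes. The following is an added example, not part of the FastPassCorp tool: it decodes those bits from exported account records, and the function names and sample records are constructed for illustration.

```python
# Added example. Bit values are Microsoft's documented userAccountControl and
# msDS-SupportedEncryptionTypes flags; the sample records are constructed.
UAC_FLAGS = {
    0x00000020: "password not required (PASSWD_NOTREQD)",
    0x00000080: "reversible encryption allowed (ENCRYPTED_TEXT_PWD_ALLOWED)",
    0x00200000: "DES-only Kerberos keys (USE_DES_KEY_ONLY)",
    0x00400000: "Kerberos pre-authentication disabled (DONT_REQ_PREAUTH)",
}
ACCOUNTDISABLE = 0x00000002
ENC_DES = 0x01 | 0x02   # DES-CBC-CRC, DES-CBC-MD5
ENC_AES = 0x08 | 0x10   # AES128, AES256


def audit_account(record):
    """Return the findings for one exported account record.

    An unset msDS-SupportedEncryptionTypes means the domain default applies,
    so it is not reported as a missing-AES finding here.
    """
    uac = int(record["userAccountControl"])
    enc = int(record.get("msDS-SupportedEncryptionTypes") or 0)
    findings = [text for bit, text in UAC_FLAGS.items() if uac & bit]
    if enc & ENC_DES:
        findings.append("DES encryption types advertised")
    if enc and not enc & ENC_AES:
        findings.append("no AES encryption types advertised")
    return findings


def audit(records, include_disabled=False):
    """Map sAMAccountName -> findings, skipping disabled accounts by default."""
    report = {}
    for rec in records:
        if not include_disabled and int(rec["userAccountControl"]) & ACCOUNTDISABLE:
            continue
        findings = audit_account(rec)
        if findings:
            report[rec["sAMAccountName"]] = findings
    return report


# Constructed sample export; not real accounts.
SAMPLE = [
    {"sAMAccountName": "alice", "userAccountControl": 0x200, "msDS-SupportedEncryptionTypes": 0x18},
    {"sAMAccountName": "svc_legacy", "userAccountControl": 0x600200, "msDS-SupportedEncryptionTypes": 0x03},
    {"sAMAccountName": "kiosk", "userAccountControl": 0x2A0},
    {"sAMAccountName": "old_temp", "userAccountControl": 0x222},
]
```

Calling `audit(SAMPLE)` reports svc_legacy and kiosk; old_temp is disabled and appears only with `include_disabled=True`.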

FastPassCorp and KSS partnered to roll out this tool.
This tool is so powerful that it runs through your enterprise Active Directory securely and delivers results in less than 30 minutes, showing your level of risk by checking for:
- Weak or common passwords
- Accounts with weak encryption
- Accounts that have no password
- Accounts that reuse the same password
- Passwords that are stored in clear text
The tool does not communicate any of the data to the outside world. The tool does not change or modify any data in Active Directory, nor does it need to run on a Domain Controller or a member device. It can be run from any device.
The only reason for requesting elevated rights is the need to obtain the password hashes. A hash is a mathematical algorithm that maps data of arbitrary size to a bit array of a fixed size; the result represents the password. It is a one-way algorithm, hence a hash will not enable anyone to calculate a password. The hashes in Active Directory are compared against the hashed list of breached passwords in the file. Again, the file contains only the most breached hashes.
Identifying a breached password will not lead to anyone knowing what the actual password is. The same is true for the comparison against the text file holding specific passwords to check. If the system finds that an account holds one of these passwords, the user account appears on the list; however, the password is not revealed.
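The hash-to-hash comparison described above, as an added example that is not the tool's own code: it flags blank, LM-stored, breached and reused passwords by comparing hashes only. Reuse is detectable because NT hashes are unsalted, so equal hashes mean equal passwords; the account names and most hash values are constructed placeholders.

```python
from collections import defaultdict

# Well-known constants: the NT and LM hashes of an empty password.
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"


def audit_hashes(accounts, breached_nt):
    """accounts: iterable of (name, lm_hex, nt_hex); breached_nt: NT hashes.

    Only hashes are compared; no plaintext is derived or stored.
    """
    breached = {h.lower() for h in breached_nt}
    by_hash = defaultdict(list)
    report = {"blank": [], "lm_stored": [], "breached": [], "reused": []}
    for name, lm, nt in accounts:
        lm, nt = lm.lower(), nt.lower()
        if nt == EMPTY_NT:
            report["blank"].append(name)
            continue  # a blank password is reported as its own finding
        if lm and lm != EMPTY_LM:
            report["lm_stored"].append(name)  # a real LM hash is present
        if nt in breached:
            report["breached"].append(name)
        by_hash[nt].append(name)
    # Accounts that share one NT hash share one password.
    report["reused"] = sorted(sorted(g) for g in by_hash.values() if len(g) > 1)
    return report


# Constructed sample data: placeholder hex strings, not real password hashes.
SAMPLE_ACCOUNTS = [
    ("alice", EMPTY_LM, "a1" * 16),
    ("bob", EMPTY_LM, "b2" * 16),
    ("carol", EMPTY_LM, "b2" * 16),
    ("guest2", EMPTY_LM, EMPTY_NT),
    ("legacy", "c3" * 16, "d4" * 16),
]
SAMPLE_BREACHED = ["B2" * 16, "e5" * 16]

if __name__ == "__main__":
    for category, names in audit_hashes(SAMPLE_ACCOUNTS, SAMPLE_BREACHED).items():
        print(category, names)
```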
Requirements:
The tool will run on any Windows device that has .NET 4.7.2 installed. The device needs to have access to Active Directory, but it is not a requirement that the device is a member device. To run the test, a user account with Domain Admin (r/o) rights is needed.
Instructions:
- Install .NET 4.7.2 or newer
- Download the tool
- Unzip the files in a folder of your choice
- Open the PDF document in the documentation folder and follow the detailed instructions
The file will be downloaded automatically upon submission of your company email. You can also click the link on the Thank You page if the download hasn't started automatically.
This tool may be used by any enterprise ideally with employees from 30 to as large as 5000 users.
IT Security Team, IT Managers, or anyone who is working as an Active Directory Admin.