We’re delighted to announce the latest release of pwncheck 1.0.27 – the fastest and safest way to find users with pwned passwords on your Active Directory network, offline and without sending your hashes to the cloud.
The purpose of this release is to bring pwncheck inline with the latest version of Troy Hunt’s Have I Been Pwned database (V7), as announced last week in this blog post discussing the cit0day breach collection. The number of unique breached passwords we now check against is over 613 million.
We recommend that you run pwncheck to ensure that none of your Active Directory users are currently using a compromised password, likely to be present in the latest credential stuffing and password spraying lists. Enterprise customers can quickly upgrade to the latest database version by getting in touch with their account manager for instructions.
A General Availability release will be published in two weeks, following our standard testing cycle.
The latest pwncheck documentation has been updated accordingly and can be downloaded here
The best way to find out if pwncheck is right for you is to try it out. Use the download button below to try Pwncheck's free version with absolutely zero strings attached, no form entry required.
If you'd like to test drive the full version fill in the form and we'll send you a single-use evaluation licence (normally $150, €120 or £100).