Skip to content
Search
Support
 Select language
Cancel

Password Exposure Test: Free Breach Exposure Scan

Find out which users in your organization are putting you at risk...before cybercriminals do!

Are your users putting a big target on your organization's back?

Cybercriminals are constantly coming out with new ways to hack into your network and steal your organization’s confidential information.

Password Exposure Test

Verizon's recent Data Breach Report showed that 81% of hacking-related breaches used either stolen or weak passwords. And, a new survey from Dark Reading shows 44% of organizations say users pose the greatest threat to data security!

Find out if your users are putting a big target on your organization's back!

KnowBe4’s new Password Exposure Test (PET) is a complimentary IT security tool that allows you to run an in-depth analysis of your organization’s hidden exposure risk associated with your users. 

PET makes it easy for you to identify users with exposed emails publicly available on the web, and checks your Active Directory to see if they are using weak or compromised passwords that are part of a known data breach. PET then reports on any user accounts affected so you can take action immediately!

Here's how the password exposure test works:

  • Checks to see if any of your organization's email addresses have been part of a data breach
  • Tests against 10 types of weak password related threats associated with user accounts
  • Checks against breached or weak passwords currently in use in your Active Directory
  • Reports on the accounts affected and does not show/report on the actual passwords 
  • Just download the install, run it, get results in minutes!

Identify which users may be putting your organization at risk before cybercriminals do!

Requirements: Active Directory, Windows 10 or later (32- or 64-bit), Windows Server 2016 or later.

NOTE: The analysis is done on the workstation you install PET on, no confidential data leaves your network, and actual passwords are never disclosed.

Password Exposure Test FAQs

What Does the Password Exposure Test Check For?

The Password Exposure Test checks whether your organization’s email addresses appear in public breach datasets and evaluates Active Directory accounts for weak or breached password risk signals so you can remediate affected users quickly.

Does the Password Exposure Test Show Actual Passwords?

The Password Exposure Test does not display, export, or report any user’s actual password, and it only reports which accounts are affected.

What Does It Mean if an Email Is “Exposed” in the Password Exposure Test?

An email is considered exposed when it appears in publicly available breach data, which increases the likelihood of phishing, credential stuffing, and other account takeover attempts.

If an Email Is Exposed, Does That Mean the Current Password Is Compromised?

An exposed email does not automatically mean the current password is compromised because breach exposure can be historical, but it is a strong signal to enforce protections like MFA and a password reset where appropriate.

What Is the Difference Between a Weak Password and a Compromised Password in the Password Exposure Test?

A weak password is one that is easier to guess or crack due to patterns or low complexity, while a compromised password is one that matches a password known to have appeared in breach data and is therefore higher risk.

Sign up for your Free Test