KnowBe4 Launches New Breached Password Test to Identify Compromised Active Passwords

No-Cost Breached Password Test tool checks for currently active passwords that provide hackers with an easy target for access into organizations

KnowBe4, provider of the world’s largest security awareness training and simulated phishing platform, today announced that it has released a new tool called Breached Password Test (BPT) that searches nearly two billion records to identify passwords that are currently in use in a domain but have been exposed in a previous data breach.

The Breached Password Test is designed to help IT quickly isolate password security vulnerabilities and at the same time streamline the process of identifying high risk passwords being re-used. The tool will examine passwords on accounts that are currently within any organization’s domain listed within their Active Directory.BPT-1

According to the 2017 Verizon Data Breach Investigations Report, hacked passwords cause 81% of data breaches. Breached passwords then create an easy target for hackers.

“You can have the strongest, most secure password around, such as a passphrase with multiple numbers and symbols, but if it’s been compromised in a data breach, none of that matters,” said Stu Sjouwerman, CEO, KnowBe4. “IT security professionals are often forced to use very time-consuming manual methods of searching out password breach lists to find compromised passwords in their network. Having a free tool like the Breached Password Test goes a step beyond typical password policies to help administrators ultimately protect their infrastructures, networks and systems.”

The Breached Password Test (BPT) is easy to use and takes just a few minutes to run against an Active Directory list and see the results. Recently the National Institute of Standards and Technology (NIST) officially recommended that user-provided passwords be checked against existing data breaches. With the BPT, IT admins can check their company's domains and accounts as frequently as they like. With over seven million records lost or stolen every day, this can help an IT admin better manage password security within their organization.

The tool is no charge and can be downloaded from KnowBe4 at:

For more information on KnowBe4, the Breached Password Test, or other free tools visit


About KnowBe4

KnowBe4, the provider of the world’s largest integrated security awareness training and simulated phishing platform, is used by more than 18,000 organizations worldwide. Founded by data and IT security expert Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness of ransomware, CEO fraud and other social engineering tactics through a new-school approach to security awareness training. Kevin Mitnick, internationally recognized computer security expert and KnowBe4’s Chief Hacking Officer, helped design KnowBe4’s training based on his well-documented social engineering tactics. Thousands of organizations trust KnowBe4 to mobilize their end-users as the last line of corporate IT defense.

Number 231 on the 2017 Inc. 500 list, #70 on 2017 Deloitte’s Technology Fast 500 and #2 in Cybersecurity Ventures Cybersecurity 500. KnowBe4 is headquartered in Tampa Bay, Florida with European offices in England, the Netherlands and Germany and offices in South Africa and Singapore.

Get the latest about social engineering

Subscribe to CyberheistNews