FAQ

Why do I need a password audit?
Many reasons! Password management is often overlooked in organizations. Outside attackers are well aware and will often take advantage of it. Why bypass a firewall when you can access a network with an account that has Welcome123 as its password. Also, disgruntled employees exist and can make a lot of damage by accessing an account that used the same password as them.

Will my data be safe?
Yes. Your data will be encrypted and you will have complete control over it. At the end of the audit, all your data is purged from our systems except the final report that is kept in an encrypted vault for futur references.

What are the requirements?
Active Directory Audit:

• A domain controller with Windows Server 2012 or higher.

• Domain admins credentials.

• Powershell 5.1 or higher if you want your data to be encrypted.

IT Glue:

• An API key with passwords access. We can help you generate one if needed.

How long will it take?
The process takes around 3-5 business days.

How do I know if your executable is safe?
The code that runs on your domain controllers is open. It is a powershell script that has been encapsulated in an exe form. If you don’t feel comfortable with that, you can even send us the data we need manually. Contact us at info@betterpasswords.ca to know more.

I Have 2FA, why would I need to do this?
2FA is not perfect; It has been bypassed multiple times in the past. Your IT security is as strong as its weakest link, don’t let it be your passwords. There is also a high probability that your service accouts don’t have 2FA and need to be audited.

Why would I pay you for it. I can do it myself?
Yes you can and we encourage everyone to do so. You will learn how to create better passwords and how to protect your organization at the same time. The difference is that we have years of experience and have access to massive databases of passwords we aquired over the years.