The ideal password is between 12 to 14 characters long, with a mixture of upper and lower case letters, numbers, and special characters. But many users tend to use weak passwords since they're easier to remember. The problem is, weak passwords are an open invitation for hackers to exploit user accounts and gain access to the corporate network.
The IT admin's job is to ensure that every user account in Active Directory is secured with a strong password. Unfortunately, the default domain password policy, which admins use to enforce password rules in Active Directory, doesn’t have the necessary controls to ensure strong passwords.
Luckily, there's a free tool from ManageEngine that can help you out. The Weak Password Users Report helps you find weak passwords in Active Directory by comparing users’ passwords against a list of over 100,000 commonly used weak passwords. When it finds a match, the report will display the users' details. You can then force the users with weak passwords to change their passwords the next time they log on, or use a password management solution—such as ADSelfService Plus—to granularly enforce a much stronger password policy.