Check AD User Last Password Change Date with PowerShell

Check Last Password Change Date with Lepide Auditor
x
2 min read | Updated On - November 21, 2024
In This Article

Passwords need to be changed regularly. This is one of the most basic password security best practices as it protects user accounts from hackers, scammers, and other security threats. Therefore, a strict password change policy is required in every organization.

Being able to see the last password change date for a user is helpful when troubleshooting an account lockout or investigating a data breach.

If you have enough PowerShell knowledge and experience, you can see the password’s last set date by creating and running a script using the Get-ADUser cmdlet. However, using this native method means you need to have knowledge of PowerShell scripting. A solution to this is to use Lepide Active Directory Auditor and run the Password Older than n Days Report.

These two ways to find the last password change date are described as follows::

  1. Using the Native Method (PowerShell Script)
  2. Using the Lepide Active Directory Auditor

PowerShell to Find Last Password Change Date in Active Directory

Please follow the below steps:

  • Open the Powershell ISE
  • Run the following script, using the –identity parameter to specify the user account that you want to know the password last set date for:
    Get-ADUser -identity Gemma -properties passwordlastset, passwordneverexpires | sort name | ft Name, passwordlastset, Passwordneverexpire
  • Review the results:
    Last Password Change Date Using PowerShell

Find the Last Password Change Date Using the Lepide Active Directory Auditor

This native way to find the last password changed for an AD User Account is complex and requires knowledge of how to write a PowerShell script. A more straightforward solution to this is to use Lepide Active Directory Auditor.

Lepide Active Directory Auditor overcomes the complexity of the native method by providing a straightforward way to list all passwords older than a specified number of days by using the Password Older than n Days Report:

  • Click the Permissions & Privileges icon and select Password Older than n Days
  • Specify a domain name
  • Click Generate Report
  • The report shows the date the password was last changed
  • The report can be filtered, sorted, saved, and exported
    Password Reset Date Lepide Auditor

Conclusion

As you can see, Lepide Active Directory Auditor provides a far simpler method of finding the data a password was last changed for an AD User Account.

Find Last Password Change in Active Directory with Lepide
x
Learn More...

Check Last Password Change Date with Lepide Auditor

x
Learn More...