Real-time Password Blacklist
( No Credit Card Required )
The service is easy to implement with a wizard-based Easy Install for Windows, a one-page Quick Start Guide and understandable API documentation
NIST Recommends Password Blacklisting - The National Institute for Standards and Technology has released an update for their Digital Authentication Guidelines in NIST Special Publication 800-63-3. They are now recommend that organizations employ a Password Blacklist to prevent the use of known bad choices. Password RBL is exactly what you need - a curated list of all these known bad passwords - and it's simple to deploy and use. Learn more here.
Outlook Bug Exposes User Passwords - Microsoft recently patched a vulnerability in Outlook that allowed attackers to get access to user password hashes by only sending a specially crafted email to the victim. If the end-user didn't have a strong password, attackers would easily crack the victim's password and the victim would never know that it even happened! Subscribe to Password RBL and say goodbye to bad passwords.
Github, GotoMyPC, latest sites hit with password attacks following huge credential breach - Since the recent for-sale posting of credential databases for LinkedIn, Tumblr, MySpace and more, many websites are seeing an increase in password attacks using the information gained from these credential databases. Password RBL can help prevent attacks exactly like this.
The LowLevel04 RansomWare Spreads by Exploiting Weak Passwords- Ransomware is a big problem for businesses- it encrypts your data files until you pay a "ransom" costing thousands in bitcoin and lost productivity. This specific variant, dubbed LowLevel04, spreads by brute-forcing weak passwords via Microsoft Remote Desktop / Terminal Services connections. Many businesses use Remote Desktop for remote employee access to corporate resources. Yet another reason to use Password Firewall for Windows!
Redirect-to-SMB Vulnerability Exposes User Passwords- This bug reported is a new take on an issue discovered in 1997 and garnered alot of attention at DEFCON 24. All versions of Windows and many common applications are vulnerable. This vulnerability works by using a standard HTTP redirect, but the victim is redirected to a malicious SMB server. Since Windows automatically attempts authentication by design, it sends the victim's hashed credentials to the SMB server. If the victim's password is simplistic or common, then it's easily cracked. Subscribe today and prevent bad passwords before they happen!
We use only industry standard algorithms & have a zero-logging policy. Our double-blind hashed password submission is also protected by TLS.
One subscription covers access to the API. You choose if you want to protect Active Directory, your site, your app or all of them!.
All the passwords in our system have been vetted by a real person. We don't use any automated methods to build our password database.