Real-time Password Blacklist
We strive to provide a business service that is excellent in every way. We deal in password security, so technologically, we have designed an extremely secure system. Our double-blind hashed password submission makes it mathematically improbable for anyone (even us!) to crack the passwords being submitted. But, just in case anyone else is listening in, the submissions are transferred from your server to ours through a TLS-encrypted session as an added layer of security.
But we didn't stop there! We also strive to make the non-technical parts of our business just as excellent. Our terms of service is straight-forward, clear and honest. Our subscription process is painless and during account setup - we collect only the information we need. And we never, ever share or sell information to other businesses.
For decades, e-mail administrators have used Real-time Black Lists to keep track of email servers that send out SPAM. The Password RBL service is similar, but instead of making a list of email server IP addresses, we have developed a list of passwords that have been used by hackers to gain unauthorized access to accounts all across the Internet. You can use this list to prevent your users from choosing these poor passwords.
Adam Smith studied Computer Science at the University of California Santa Barbara. His emphasis was in computer security, networking and cryptography. After graduating, he worked as a Windows and Unix systems administrator for a number of years before moving on to IT integration engineering. He has witnessed first-hand the effects of hacked accounts - be it an individual's online banking account or a business's social network account. The outcomes can be terrible for the lawful account owners. This is why he decided to do something to help.
Password RBL is a solely owned company. There are no investors so we do not cater to anyone's interests but those of our customers. The company is located in and is a California-based company.
Password RBL began in 2013 when founder, Adam Smith, decided to create a reasonably priced web service to help combat the increasing number of reports about accounts being hacked all across the Internet. He appreciates simple solutions to complex problems. This spawned the idea of a password block-list. He wanted the service to be accessible by all companies, big or small, because hackers do not discriminate between the small web businesses and Fortune 500 companies. Before any true development occurred, countless hours were spent assembling the original list of bad passwords. Then the service architecture and API were designed.
The service deals directly in password security, so the service was designed with security as a priority from the very beginning. In fact, all aspects of the company were founded with security in mind - from the technical service architecture to the way Password RBL collects as little customer information as possible. Minimizing information exposure good thing. But more impressively, the service is architected in such a way that even Password RBL cannot determine what passwords are being checked. And with a zero-logging policy, submissions to the service can even be anonymous, too.
Complexity often leads to insecurity. Adam believes that simple solutions are the best solutions so he created Password RBL from the ground up to be as simple as possible each step of the way. This includes being simple to implement - just a few lines of code on your website or a few clicks on your domain controller - but also simple to get the information you need from our website. And let's not forget the clear language in the terms of service!