Real-time Password Blacklist
Password RBL strives to make deploying and using password blacklisting easy. Our API is RESTful and there are no complicated session keys to manage. In just a few lines of code, you can be using the Password RBL password blacklist to prevent the use of bad passwords that lead to unauthorized access and data loss
If deploying Password RBL on your site wasn't easy enough, we have an API guide written in plain English that is easy to understand. And, we even provide sample code so you can see just how to implement Password RBL on your site or app.
The Password RBL database is full of over 68 million bad password combinations, but there are many password choices that would be bad choices for one particular company, but not necessarily another. For example, any publicly accessible information about a business shouldn't be used - things like the company address or slogan. Use our API for managing your custom blacklist, or use our provided PowerShell-based utility that runs on any Windows computer.
Password RBL was designed with security first. Passwords are salted and hashed 30,000 times with the industry standard PBKDF2 algorithm before being sent to the Password RBL API, where they undergo over 10,000 more rounds of hashing before being queried against the Password RBL database. Furthermore, all communications with the API are secured with TLS connections and can be anonymous, too. And Password RBL has a zero-logging policy so query strings sent to the service never get written to disk.
Password RBL can be implemented in just a few lines of code on your authenticating server, and there is nothing for you to download and manage on your systems or that end-users download as part of the login process that slows them down or eats up their allocated bandwidth on metered connections.
The sign up process is simple and straight-forward. Just browse to our subscribe page. This will walk you through the few steps necessary to get the process going. You pick the package that matches your needs or request a custom quote. Then fill out a short registration form which will provide us the necessary information about your web server(s), domains, and/or IP addresses - and you're done! No credit card is required to get started and every new subscription comes with a free trial so you can get comfortable with the solution before paying for it!
Does your business rely on public-facing websites or apps? Do you have proprietary or customer identity data you need to keep private? Do you need to protect customer credit card information for PCI compliance? All these are good reasons to deploy Password RBL password blacklisting on your web site or app. It is an easy and effective way to prevent bad passwords before they happen.