Real-time Password Blacklist


Prevent bad passwords before they happen!

how to


What is

Password RBl

A RESTful web API that is simple to use!

Password RBL strives to make deploying and using password blacklisting easy.  Our API is RESTful and there are no complicated session keys to manage.  In just a few lines of code, you can be using the Password RBL password blacklist to prevent the use of bad passwords that lead to unauthorized access and data loss

Easy API guide and sample code

If deploying Password RBL on your site wasn't easy enough, we have an API guide written in plain English that is easy to understand.  And, we even provide sample code so you can see just how to implement Password RBL on your site or app.

Custom Blacklisted Passwords

The curated Password RBL database contains over 75 million bad password combinations, but there are many password choices that would be bad choices for one particular company, but not necessarily another.  For example, any publicly accessible information about a business shouldn't be used - things like the company address or slogan.  Use our API for managing your custom blacklist, or use our provided PowerShell-based utility that runs on any Windows computer. 

Layers of Security

Password RBL was designed with security first.  Passwords are salted and hashed 30,000 times with the industry standard PBKDF2 algorithm before being sent to the Password RBL API.  Customers can also choose to submit only a portion of the hashvalue for additional security assurances.  Furthermore, all communications with the API are secured with TLS connections and can be anonymous, too.  And Password RBL has a zero-logging policy so query strings sent to the service never get written to disk.

Lightweight Solution

Password RBL can be implemented in just a few lines of code on your authenticating server, and there is nothing for you to download and manage on your systems or that end-users download as part of the login process that slows them down or eats up their allocated bandwidth on metered connections. 



It's easy!

The sign up process is simple and straight-forward.  Just browse to our subscribe page.  This will walk you through the few steps necessary to get the process going.  You pick the package that matches your needs or request a custom quote.  Then fill out a short registration form which will provide us the necessary information about your web server(s), domains, and/or IP addresses - and you're done!  No credit card is required to get started and every new subscription comes with a free trial so you can get comfortable with the solution before paying for it!

Password RBL is an easy to implement password blacklist for websites & apps


Does your business rely on public-facing websites or apps?  Do you have proprietary or customer identity data you need to keep private?  Do you need to protect customer credit card information for PCI compliance?  All these are good reasons to deploy Password RBL password blacklisting on your web site or app. It is an easy and effective way to prevent bad passwords before they happen.