Real-time Password Blacklist


Prevent bad passwords before they happen!

Use both With a SINGLE subscription!

Protect Whatever You Choose 

When you subscribe to the Password RBL API, you choose how you want to use it.  The API is easy to implement and compatible with  anything that can perform hashing and create HTTPS requests.

Secure Password Submission

All passwords submitted to the API are first salted and hashed 

30,000 times and transferred over a secure TLS session. 

Then they're salted and hashed again!

Easy to Understand Docs & Sample Code

Our API Guide is written in plain English and we provide you with sample PHP code  so you can spend more time on your site or app and less time worrying about implementation.

Reporting Only mode for no-impact on End-Users 

You can use the API in Reporting Only mode to determine if your users are picking poor passwords without impacting their choice.


from anywhere or anything

Password Firewall

for Windows Active Directory

Easy to Install

Password Firewall has an easy to use Installation and Un-installation Wizard compatible with Windows Server 2008 R2, 2012, 2012 R2 and 2016..

Simple to Use

Password Firewall extends the built-in password filter of Windows so your Admins don't have to learn a new application and End-Users don't need to do or use anything different when changing their passwords.


All code provided by Password RBL is provided in a source-available manner so you can be certain that it meets your security requirements.

Do Your AD Users Choose Bad Passwords?  Probably!

Password Firewall for Windows can be used in Reporting Only mode to determine if password choices are bad without impacting their use.