Many thanks to the great folks at Password RBL, who have sponsored my writing for the past week.
Bad passwords have plagued businesses for decades, exposing proprietary and customer data. This is a significant IT security problem that has only seemed to get worse as companies put more and more data behind systems protected by password authentication. But there is a simple and effective solution to this problem: Password RBL.
Password RBL is a real-time blacklist of passwords for your Active Directory, web site or app. They scour the web for leaked credentials from data breaches, run honeypot servers and analyze hacker tools to discover the passwords hackers use to gain unauthorized access to business networks across the Internet. This growing list of bad passwords are the passwords businesses want to block employees from using.
Password RBL’s motto is Security by Simplicity. They provide an simple wizard-based installer for Windows in their Password Firewall product and direct API access for web sites and apps. Both solutions are available to subscribers for the same monthly fee. Their terms are straight-forward, and their documentation is easy to understand as are the sample code snippets they provide.
Is it secure? Yes. Password RBL has a zero logging policy, employs over 40,000 rounds of hashing and all queries are done over a TLS connection. API queries never include user name information and can be submitted anonymously. Plus, any provided code is “source-available” so you can verify it meets your security standards.
Stop worrying about bad passwords. Sign up today and get the first 30-days free!
If you’re interested in exclusively sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.