Custom Password Blacklisting comes to Active Directory with latest release of Password Firewall for Windows
Administrators can now easily block specific passwords in Active Directory; Password RBL adds customer-specific entries to its massive password blacklist for Windows.
By: Password RBL
Bad passwords have plagued businesses for decades. In the last few years there has been a noticeable increase in reported data breaches because exploiting weak passwords is an easy way for hackers to gain access to business networks. The 2014 Verizon Data Breach Investigation Report found that 2 out of 3 network breaches exploited weak or stolen credentials. IT departments have tried to coach users into choosing complex passwords and employed the use of password policies, but this doesn't solve the problem. There are millions of bad passwords that meet common policies. Password policies do, however, annoy end-users with frequently required password changes. The built-in password policy in Windows is no longer good enough. Password RBL ensures that end-users choose strong passwords that hackers don't already know. And now companies can add their own banned passwords to further customize the service to their needs. If users are picking strong passwords, then they should be allowed to keep them for longer. Truly a win-win situation.
Password RBL's Password Firewall for Windows is extremely lightweight, features an easy wizard-based installation that only needs to be run on Domain Controllers, and doesn't require end-users or IT staff to learn anything new. Furthermore, Password Firewall follows the exact same pricing model as direct API access to the Password RBL blacklist and both products can be used simultaneously under the same subscription.
Password RBL, founded in 2013, is a provider of affordable and easy to use password blacklist solution. The company slogan is "Prevent Bad Passwords Before They Happen" because their solutions prevent the use of bad passwords that hackers user to gain unauthorized access to business networks across the globe. They consolidate passwords discovered by analysis of hacker tools, running honeypot servers, and scouring the web for published credential databases from data breaches.
Currently, subscriptions to the service start at just $15.00 (USD) per month.