Why Passable ?

Passwords, and databases, are breached every day.

Dictionary and rainbow attacks are some of the most effective ways to crack passwords.

Even if you only store the hash of your passwords, any hacker, who got access to your database could get your plain login details.

By using Passable you will be able to prevent both attacks in an easy , fast and free manner, without exposing any sensitive information.

Passable in combination with technologies such as 2-Factor authentication and password salt can greatly decrease the chances of your user accounts being hacked, and minimize the risk from a data breach.


Secure: End-to-end encryption over hashed passwords.

Easy to use: Just make an HTTPS GET request, with the password hashed. The response will indicate if password is secure.

Lightweight: Request is a simple HTTPS GET. Response is a boolean.

Fast: Using optimized binary search, over a several million hashes, typical server processing time is less than a tenth of a second


Using the API is extremely easy : just perform a GET HTTPS request in the following manner


{algorithm} substitutes the algorithm you' re hashing the password with. Following algorithms are available: MD5, SHA224, SHA256, SHA384, SHA512. If you need other algorithm to be added just contact us
{hash} subtitutes the hashed password you' re checking for its strength against dictionary attacks.

Response you will receive couldn't be simpler. It will be a boolean, where 0 means the password is secure, and 1 that it is not.


Suppose that you want to check the password strength of the password "passable" and that you will be using MD5. The MD5 hash of passable is 2ba89adb6d67669f376843d24485080d so you would only have to perform the following HTTPS GET:


You will then receive as an answer, a 1 since this password is not secure; so you should not use it

Now suppose that you would like to check the password 'W9vdf>r7KiO.l' and you will be using SHA224, to calculate the hash. SHA224-hash of that password is 86bae5036696ff989b810f6eb21bf1a0c60594794d6de13760241347 You would query then


You will receive a 0 since that password is secure.

Finally if you want to check the strength of the password 'brightsunny' using SHA256, just perform the query


You will receive, a 1 meaning this password is not safe

Contact us

Your input is very appreciated and valuable to us

For any feedback, proposal, question or comment, please, drop an email to hi@passable.io

Learn more

If you would like to learn more about the concepts surrounding Passable here are provided some handy links

Data breaches:


Passable is free to use.

Anyway, as you can imagine, there are costs associated with this project. We would be grateful if you would like to donate.

Donate is as simple, as using our API. Just send your bitcoins to the following address: 17YB6sx8q5Acyy7AXiu1hfUr426kRC5Vf8

For the moment, we will be accepting bitcoin-only donations, because it is convenient & we strongly believe in this project. If you need help getting started, you can contact us or visit bitcoin.org