A Machine Learning Approach to Predicting Passwords

Christoffer Olsen

AbstractThe goal of the thesis is to investigate whether machine learning models can be used in predicting the sequence of human-created passwords, collected from publicly available database-leaks.
Using a combination of 1-dimensional convolutional layers and dense layers, it is possible to train a machine learning model to give a probabilistic evaluation of password sequences. With this property, it is possible to generate probable passwords along with being able to give a password a strength, based on how likely the machine learning model is to predict the given password.
Passwords generated from the model can be used as dictionary with hashcat, to perform password cracking on hashed passwords. However, the generated passwords are not as efficient at password cracking as popular password dictionaries as rockyou.txt, meaning that using machine learning for password prediction still lacks a bit behind when it comes to password cracking.
TypeBachelor of Engineering thesis [Academic thesis]
PublisherTechnical University of Denmark, Department of Applied Mathematics and Computer Science
AddressRichard Petersens Plads, Building 324, DK-2800 Kgs. Lyngby, Denmark, compute@compute.dtu.dk
SeriesDTU Compute B.Eng. Thesis in Software Technology
Electronic version(s)[pdf]
Publication linkhttp://www.compute.dtu.dk/english
BibTeX data [bibtex]
IMM Group(s)Intelligent Signal Processing