@MISC\{IMM2018-07088, author = "C. Olsen", title = "A Machine Learning Approach to Predicting Passwords", year = "2018", publisher = "Technical University of Denmark, Department of Applied Mathematics and Computer Science", address = "Richard Petersens Plads, Building 324, {DK-}2800 Kgs. Lyngby, Denmark, compute@compute.dtu.dk", note = "{DTU} supervisor: Finn {\AA}rup Nielsen, faan@dtu.dk", url = "http://www.compute.dtu.dk/english", abstract = "The goal of the thesis is to investigate whether machine learning models can be used in predicting the sequence of human-created passwords, collected from publicly available database-leaks. Using a combination of {1-}dimensional convolutional layers and dense layers, it is possible to train a machine learning model to give a probabilistic evaluation of password sequences. With this property, it is possible to generate probable passwords along with being able to give a password a strength, based on how likely the machine learning model is to predict the given password. Passwords generated from the model can be used as dictionary with hashcat, to perform password cracking on hashed passwords. However, the generated passwords are not as efficient at password cracking as popular password dictionaries as rockyou.txt, meaning that using machine learning for password prediction still lacks a bit behind when it comes to password cracking." }