AI for stronger passwords? Researchers unveil PassGPT, an LLM trained on the infamous RockYou leak

Meet PassGPT, the AI model based on OpenAI’s GPT-2 that can generate and guess passwords.

vk758501

Jun 11, 2023 - 22:36

AI for stronger passwords? Researchers unveil PassGPT, an LLM trained on the infamous RockYou leak

Generative AI is a powerful tool that can be used for both good and evil in the digital realm. Following the launch of ChatGPT when the technology exploded in popularity, experts began to contemplate its implications for cybersecurity. While we are thankfully yet to see the tech being used in major exploits by bad actors, security experts have been demonstrating clever ways generative AI can be employed to bolster cybersecurity.

A team of researchers from ETH Zürich, Swiss Data Science Center, and SRI International in New York have developed PassGPT, a new model based on OpenAI’s GPT-2 architecture that can generate and guess passwords. The model is trained on millions of passwords leaked in various cyberattacks, more specifically on the infamous RockYou leak. Reportedly, PassGPT can guess 20% more unseen passwords than state-of-the-art GAN models.

While PassGPT’s capabilities may sound scary, the goal is to actually help users create stronger and more complex passwords and to detect possible passwords based on some inputs. The model uses a novel technique called progressive sampling, which builds passwords one character at a time, making them harder to crack. The model also outperforms previous models that used generative adversarial networks (GANs), which are composed of two competing networks that try to fool each other with realistic or fake content.

The creator of PassGPT, Javi Rando, said that the model can also compute the probability of any given password and analyse its strength and vulnerabilities. He added that the model can find patterns that are considered strong by conventional methods, but are actually easy to guess with generative techniques. He also said that the model can handle passwords in different languages and guess new passwords that are not in its dataset.

PassGPT is an example of how LLMs can be adapted to different domains and applications using different data sources. And it isn’t the first time generative AI has been trained on illegal data by those on the right side of the law. Previously, researchers trained an AI model called DarkBERT on dark web data to detect ransomware leak sites and monitor unlawful information exchange.

Tags:

Deepika Padukone gives a glimpse of her life with Ranveer Singh in a meme

What's Your Reaction?

Dislike

Love

Funny

Angry

Sad

Wow

vk758501 I too have a dream world of my own. I dream big, far and wide of the world that I live in. I am sad and afraid to live in such a world that is full of sins and negativity. I have a dream world where there is no violence, no hatred, no greed, but just peace, love and harmony. A world where mankind helps each other and is not jealous of each other, where people are not categorized based on their caste and creed, where there is no difference between the rich and poor, but rather considered as equals. A world where there is lots of fun and goodness and where it is safe for every human being who lives in there.