Email
Password
Remember meForgot password?
    Log in with Twitter

article imageResearchers create AI to help you choose stronger passwords

By James Walker     May 9, 2017 in Technology
Cybersecurity researchers have created a new password strength meter that provides actionable tips informing you how to create safer passwords. Backed by artificial intelligence and new algorithms, the team wants to help people make better choices.
The tool has been created by researchers based at Carnegie Mellon University and the University of Chicago. It builds on the password strength meter concept already used on many websites by adding improved calculations and advice on how to get your passwords into the green.
The password meters widely used on "create account" pages today typically show how your password progresses from being weak to strong as you add more characters. However, the measurement is usually based on simplistic references, such as the type of character used and length of the resulting phrase.
The team has taken the existing tools and reworked them into what it claims is a more accurate resource. Passwords which would be labelled "strong" by existing mainstream tools may be less favourably rated by the AI. If your password does turn out to be weak, you'll be guided towards improving it, rather than being forced to think again without being told what to aim for.
The tool s response to using  testpassword  as a password
The tool's response to using "testpassword" as a password
"Instead of just having a meter say, 'Your password is bad,' we thought it would be sueful for the meter to say, 'Here’s why it's bad and here's how you could do better,'" said Nicolas Christin, a Carnegie Mellon professor and a co-author of the study.
The tips offered by the tool will seem simplistic to anyone already familiar with security best practices. It warns you not to use extremely common passwords, avoid including dates and whole words and provides suggestions on how to upgrade your own entries to a safer alternative. Even when you use a secure password generated by a password management program, the meter will remind you not to use it for other accounts.
The password meter is driven by an artificial neural network that scans millions of current passwords to "learn" how to identify insecure combinations. It can then compare your passwords to its existing definitions. If a hallmark characteristic of a bad phrase is found, the tool will flag it up and alert you to its nature.
This strong password was created by typing several random letters  numbers and symbols on the keyboa...
This strong password was created by typing several random letters, numbers and symbols on the keyboard
cups.cs.cmu.edu
The team has open-sourced the software and uploaded it to the GitHub code sharing site. It hopes to attract other people to improve the meter, enabling it to be modified to suit individual applications. This will give website administrators the flexibility to tailor it to their site if the tool gains widespread adoption.
Based on the results of last year's password popularity survey, there's a definite need for the upgraded password meter. "123456" retained its place at the top of the list, followed by "12345678" and "qwerty."
The researchers hope the new tool will help people to stop using these basic combinations by offering actionable advice for the first time. The software will be formally presented at this week's CHI 2017 conference in Denver, Colorado. You can already try your own passwords against it by visiting the demonstration site.
More about Passwords, Security, Cybersecurity, neural network, Ai