Developer Builds Password Checker That Flags Breached Passwords Over Structural Strength
A developer created a password strength checker that combines machine learning with real-time breach detection, addressing a flaw common in traditional checkers. The tool uses a Random Forest classifier trained on 150 passwords across six character-composition categories, achieving 93.3% accuracy in cross-validation. It also queries the Have I Been Pwned (HIBP) database and overrides any structural strength rating if a password appears in known data breaches. In testing, the structurally strong password 'Tr0ub4dor&3' was downgraded from 'Strong' to 'Very Weak' after being found in over 3,000 breach records. The approach aligns with NIST SP 800-63B guidelines, which require breach-status checks that most password systems currently skip.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)
Log in to join the discussion and vote.
Log in