🤖 AI Summary
Widespread weak passwords and adversarially crafted deceptive passwords undermine the validity of conventional password strength assessment. Method: This paper pioneers the systematic integration of adversarial machine learning into password strength classification. We propose a robust evaluation framework unifying five heterogeneous models—XGBoost, LSTM, BERT, and others—augmented by adversarial sample generation, robust training, and feature-level robustness enhancement. The framework is trained on over 670,000 deceptive password samples. Contribution/Results: Experiments demonstrate substantial improvements in model robustness against adaptive attacks: strength classification accuracy increases by up to 20% over state-of-the-art baselines. Crucially, the method effectively identifies stealthy yet inherently weak adversarial passwords, thereby enhancing both the reliability and practical utility of automated password security assessment.
📝 Abstract
Passwords remain one of the most common methods for securing sensitive data in the digital age. However, weak password choices continue to pose significant risks to data security and privacy. This study aims to solve the problem by focusing on developing robust password strength estimation models using adversarial machine learning, a technique that trains models on intentionally crafted deceptive passwords to expose and address vulnerabilities posed by such passwords. We apply five classification algorithms and use a dataset with more than 670,000 samples of adversarial passwords to train the models. Results demonstrate that adversarial training improves password strength classification accuracy by up to 20% compared to traditional machine learning models. It highlights the importance of integrating adversarial machine learning into security systems to enhance their robustness against modern adaptive threats.

Keywords: adversarial attack, password strength, classification, machine learning
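The adversarial-training idea in the abstract, shown as an added example that is not code from the paper: a strength classifier fitted only on clean samples is compared with one whose training set also contains deceptive passwords carrying their true "weak" label. Assumptions: the `deceive` transform, the surface features, the 1-nearest-neighbour model (not one of the paper's five algorithms) and every password below are constructed for illustration.

```python
# Constructed toy data and model; nothing here comes from the paper's dataset.
LEET = str.maketrans({"a": "@", "o": "0", "e": "3", "i": "1", "s": "5"})
WEAK, STRONG = 0, 1

def deceive(word):
    """Dress a common word up to look complex: leet, capital first letter, '1!' suffix."""
    return word.translate(LEET).capitalize() + "1!"

def features(pw):
    """Surface features of the kind a naive strength meter relies on."""
    return (len(pw),
            sum(c.isupper() for c in pw),
            sum(c.isdigit() for c in pw),
            sum(not c.isalnum() for c in pw))

def fit(samples):
    """'Training' for 1-nearest-neighbour: store (feature vector, label) pairs."""
    return [(features(pw), label) for pw, label in samples]

def predict(model, pw):
    """Return the label of the closest stored sample (squared Euclidean distance)."""
    x = features(pw)
    def dist(v):
        return sum((a - b) ** 2 for a, b in zip(x, v))
    return min(model, key=lambda row: dist(row[0]))[1]

def accuracy(model, samples):
    return sum(predict(model, pw) == y for pw, y in samples) / len(samples)

COMMON = ["password", "dragon", "letmein", "monkey"]
RANDOM = ["vT9#kLmQ2$", "R4!zPw7@Nc", "hG6%tB1&jK+D", "Zq8^Xc2(VbN7"]
clean = [(w, WEAK) for w in COMMON] + [(r, STRONG) for r in RANDOM]
# Adversarial samples keep the TRUE label of the word they were derived from.
adversarial = [(deceive(w), WEAK) for w in COMMON]

baseline = fit(clean)               # conventional training
robust = fit(clean + adversarial)   # adversarial training

# Held-out sets built from words and strings that never appear in training.
deceptive_test = [(deceive(w), WEAK) for w in ["princess", "football", "welcome"]]
strong_test = [("Kp3$Wn8!Yt", STRONG), ("uE5&rA9*oLxJ", STRONG)]

if __name__ == "__main__":
    for name, model in (("baseline", baseline), ("robust", robust)):
        print(name, accuracy(model, deceptive_test), accuracy(model, strong_test))
```

The gap between the two models on `deceptive_test` is a property of this small constructed set and says nothing about the paper's reported figures.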