🤖 AI Summary
This work addresses the limitations of existing password strength evaluators, which struggle to support non-English languages—particularly Indic scripts—and fail to effectively detect weak password variants due to their reliance on exact matching. To overcome these challenges, the study presents the first password strength assessment system tailored for Indian languages. It leverages ChatGPT to generate high-quality multilingual password data, outperforming traditional approaches like PassGAN, and replaces exact string matching with Jaro similarity to better capture phonetic and orthographic variations. Experimental results demonstrate that, at a Jaro similarity threshold of 0.5, the system achieves near-perfect accuracy in identifying weak passwords. These findings validate the effectiveness of combining AI-generated data with language-aware modeling for robust multilingual password security evaluation.
📝 Abstract
Considering the rise of cyberattacks incidents worldwide, the need to ensure stronger passwords is necessary. Developing a password strength meter (PSM) can help users create stronger passwords when creating an account on an online platform. This research aimed to explore whether incorporating a non-English training dataset (specifically Indian) can improve the performance of a PSM. Findings show that PSMs can be improved by utilising learning of words from other languages. Another contribution of the research was to compare and provide an analysis of AI generated data (specifically by ChatGPT) and PassGAN (existing state-of-the-art model), proving that PassGAN-like tools may no longer be needed as the performance is higher using AI generated data. To further strengthen detection, a Jaro similarity-based matching mechanism was incorporated, enabling the classification of passwords that are highly similar to known weak passwords - this addresses limitations of direct matching techniques used in prior work. A final novel contribution is on developing a PSM tailored for Indian passwords, which has not been developed previously - this resulted in a near-perfect matching accuracy using a Jaro function value of 0.5. Although performance improvements were constrained by limited data and training, results suggest that using the ChatGPT dataset is a viable and effective strategy for developing secure, language-aware password strength meters.