Two neural networks can guess a quarter of the passwords in use on a website. At least that's according to new research by a team from the Stevens Institute of Technology, who have built a so-called generative adversarial network that can make educated guesses at what your password might be.
The underlying idea is simple enough: have one neural network build something, then use another to determine its quality. It's a concept masterminded by Ian Goodfellow, one of our 35 Innovators Under 35 for 2017, who isn't part of this research project.
What the Stevens Institute team has done with that idea is have one AI chomp through tens of millions of leaked passwords to learn how to generate new ones, while the other learned how to judge whether a newly created one was compelling. Comparing their efforts to a LinkedIn credentials leak, the AI-generated passwords matched 12 percent of the real ones. When the researchers also rolled in some human-created rules from a software tool known as hashCat, they were able to guess 27 percent of passwords—as much as 24 percent more than hashCat can achieve alone.
It is, obviously, still a technique in its infancy, and it's unclear if a 24 percent boost really warrants the weight of such advanced machine learning. But this appears to be the first time that a generative adversarial network has been used to help crack passwords, and it seems likely that the technique will improve faster than conventional approaches as it chews on more data.
At any rate, it may not be all bad news. As Thomas Ristenpart, a computer scientist from Cornell Tech in New York City, tells Science: “The new technique could also potentially be used to generate decoy passwords to help detect breaches.”
Geoffrey Hinton tells us why he’s now scared of the tech he helped build
“I have suddenly switched my views on whether these things are going to be more intelligent than us.”
Deep learning pioneer Geoffrey Hinton has quit Google
Hinton will be speaking at EmTech Digital on Wednesday.
Video: Geoffrey Hinton talks about the “existential threat” of AI
Watch Hinton speak with Will Douglas Heaven, MIT Technology Review’s senior editor for AI, at EmTech Digital.
Doctors have performed brain surgery on a fetus in one of the first operations of its kind
A baby girl who developed a life-threatening brain condition was successfully treated before she was born—and is now a healthy seven-week-old.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.