A team of Carnegie Mellon University PhD intern and Microsoft Research employees have unveiled a website that can predict the next character of your password by analysing the characters you have entered into the text field. The #-Link-Snipped-# has been stated as a “weak password prevention system” that makes predictions based on its database of common passwords that were leaked in recent website attacks. It also searches for common phrases and checks for any password selection behaviours such as using adjacent or alternate keys. It also offers users suggestions on how one can improve the strength of their password.


While testing the web app we found that it was quite successful in predicting many common combinations of characters like ‘qwerty’, ‘password’ and continuous and alternative characters even any numbers inserted between them. The website also managed to recognise some Hindi phrases like ‘Namaste’, ‘Dilwale’ etc but when it came to regional languages it failed to keep up its performance. The website for this reason states that it is not a comprehensive tool for identifying weak passwords because it primarily deals with English. To maintain privacy of the user who wants to test his/her password the website makes sure that it does not store all the characters entered by the user but just the accuracy rate of the prediction engine, mouse movements and typing speeds. The log is then encrypted in the browser itself before being sent to the server. Weak passwords have been blamed for many security attacks worldwide and this prediction tool can prove to be an excellent tool for testing your password strength.

Source: #-Link-Snipped-#