Enhancing password security: a quest for optimal honeywords

Date
2023-10-01
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
In this capstone report, our primary focus is on harnessing the capabilities of the GPT4 model to enhance password security through the generation of honeywords. Honeywords are decoy passwords designed to strengthen the security of sensitive systems by confusing potential attackers. The utilization of GPT4, a powerful language model developed by OpenAI, offers a n innovative approach to this challenge. By directly generating honeywords without relying on password segmentation, GPT4 introduces a unique dimension to password security. This approach is particularly valuable in thwarting targeted attacks, as honeywords generated by GPT4 are designed to deceive potential attackers effectively. In addition to the exploration of GPT4, this report also delves into the realm of Chunk-GPT3. Chunk-GPT3, as detailed in previous research, employs advanced language models to generate honeywords through the segmentation of passwords into discrete chunks. These chunks are ingeniously recombined to form decoy passwords. The re-engineered Chunk-GPT3 approach incorporates enhancements to the password segmentation process, including ”mapping digits to alphabets” and ”removal of digits” functions. These modifications aim to produce more potent and effective honeywords, ultimately elevating password security. The report includes a comprehensive comparative analysis of honeywords generated by the original Chunk-GPT3 approach and the re-engineered Chunk GPT3 approach, as well as honeywords created by GPT4. By assessing the effectiveness of these honeyword generation methods using the HWSimilarity metric, the report provides valuable insights into the strengths and weaknesses of each approach. Examining the capabilities of both GPT4 and Chunk-GPT3 in the context of honeyword generation, this report aims to provide a holistic perspective on cutting-edge strategies for safeguarding sensitive data in the ever-evolving digital landscape.
Description
Keywords
Authentication, Chunks, Honeywords, Passwords, Segmentation
Citation