Utilize Machine Learning Methods to Detect Plaintext Passwords

Authors

  • Nada Alnoaimi, Saudi Aramco, Saudi Arabia
  • Abdullah Al-Turaifi, Saudi Aramco, Saudi Arabia
  • Sireen Babateen, Saudi Aramco, Saudi Arabia

Keywords:

Machine Learning, plaintext password

Abstract

Every company is a target today, no matter what type of business it does. Hackers and cybercriminals are after data, which they can monetize in many ways. Being proactive and having a defensive and protective plan in place, such as evaluating and assessing IT security, is a great recipe for avoiding data breaches and, consequently, business disasters. Passwords are the most popular authentication method, mainly because they are easy to implement, require no special hardware or software, and are familiar to users and developers. Unfortunately, most users store their sensitive information or credentials in plaintext that might be accessible to attackers. Because the information is stored or transferred in cleartext rather than encrypted, attackers can read it easily. Storing a plaintext password in a configuration file gives anyone who can read the file access to the password-protected resource. Developers sometimes believe that they cannot defend the application from someone who has access to the configuration, but this attitude makes an attacker's job easier. Good password management guidelines require that a password must never be stored in plaintext.

The question is: why not use a machine learning platform that can be trained to search text in a computer resource, detect a string of plaintext characters, and analyze that string to predict or detect a plaintext password on a computer resource asset? Plaintext passwords can be stored anywhere on a computer network, including on a computer resource asset such as a file (for example, a configuration file), a router, a switch, a computer, a server, a database, or source code, so the solution can be arranged to target computer resource assets on the network and search them.

The machine will be able to detect a plaintext password in a character string by analyzing plaintext character strings for common password complexity, for example the presence of at least one uppercase letter, lowercase letter, number, and special character, and text length (for example, a minimum of eight characters). It will then check the similarity of the character string against a database of passwords, including, for example, passwords previously found or identified by the solution, or passwords input or loaded into the database from a list, table, record, file, or other computer resource. It will also predict a level of certainty that a character string includes a password and output a confidence score based on that predicted level of certainty. Finally, it will categorize the confidence score into any number of prediction certainty levels, for example three levels: high, medium, or low.
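The pipeline described above (complexity check, similarity lookup, confidence score, three certainty levels), sketched as an added example that is not the authors' code or model. It substitutes a fixed weighted heuristic for the trained classifier; the weights, thresholds, known-password list, and sample configuration are all assumptions constructed for illustration.

```python
import re
from difflib import SequenceMatcher

# Constructed stand-in for the abstract's database of known passwords.
KNOWN_PASSWORDS = ["P@ssw0rd123", "Welcome1!", "Summer2020!"]
MIN_LENGTH = 8  # minimum length named in the abstract
# Uppercase, lowercase, number, special character: the classes the abstract lists.
CLASSES = [r"[A-Z]", r"[a-z]", r"[0-9]", r"[^A-Za-z0-9\s]"]

def complexity(token):
    """Fraction of the five criteria met (four character classes plus length)."""
    hits = sum(1 for c in CLASSES if re.search(c, token))
    return (hits + (len(token) >= MIN_LENGTH)) / 5

def similarity(token, known=KNOWN_PASSWORDS):
    """Highest similarity ratio (0..1) between the token and any known password."""
    return max((SequenceMatcher(None, token, k).ratio() for k in known), default=0.0)

def confidence(token):
    """Assumed weighting: 60% complexity, 40% similarity (not taken from the paper)."""
    return round(0.6 * complexity(token) + 0.4 * similarity(token), 3)

def level(score):
    """Map a score to three levels; the 0.75 and 0.45 cut-offs are assumptions."""
    return "high" if score >= 0.75 else "medium" if score >= 0.45 else "low"

def scan(text):
    """Score tokens split on whitespace, '=', ':' and quotes; return (line, token, score, level)."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        for token in re.split(r"[\s=:\"']+", line):
            if len(token) >= 4:  # skip empty and very short tokens
                s = confidence(token)
                findings.append((n, token, s, level(s)))
    return findings

# Constructed sample configuration file.
SAMPLE_CONFIG = """\
db_host = db01.example.internal
db_user = reporting
db_password = P@ssw0rd124
timeout = 30
"""

if __name__ == "__main__":
    for n, tok, s, lvl in scan(SAMPLE_CONFIG):
        if lvl != "low":
            print(f"line {n}: {tok!r} confidence={s} ({lvl})")
```

On the sample, only the `db_password` value scores high; the hostname reaches medium on character-class complexity alone, the kind of borderline string a trained classifier would have to separate from real passwords.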

Author Biographies

Nada Alnoaimi, Saudi Aramco, Saudi Arabia

Nada Al-Noaimi is working as a cybersecurity specialist in the Department of Information Protection, Saudi Aramco, Saudi Arabia. She completed her Bachelor's degree in Information Technology at Prince Mohammed bin Fahad University, Dhahran, Saudi Arabia. Her areas of interest are cybersecurity, specifically web application penetration testing.

Abdullah Al-Turaifi, Saudi Aramco, Saudi Arabia

Abdullah Al-Turaifi has 7 years of experience as a cybersecurity specialist working in the Department of Information Protection, Saudi Aramco, Saudi Arabia. He received his Bachelor's degree in Information Systems from King Saud University, Saudi Arabia, and a Master of Science in Management Information Systems from Florida International University, USA. His areas of interest are application security, mobile security, and DevSecOps.

Sireen Babateen, Saudi Aramco, Saudi Arabia

Sireen Babateen is working as an IT system analyst in the Department of Corporate Applications, Saudi Aramco, Saudi Arabia. She completed her Bachelor's degree in Cybersecurity and Forensic computing at the University of Portsmouth, England. Her areas of interest are Front End Web Development and Data Science.

Published

2020-10-24

How to Cite

Alnoaimi, N., Al-Turaifi, A., & Babateen, S. (2020). Utilize Machine Learning Methods to Detect Plaintext Passwords. International Journal of Machine Learning and Networked Collaborative Engineering, 4(2), 63–71. Retrieved from https://mlnce.net/index.php/Home/article/view/141