Improved Probabilistic Context-Free Grammars for Passwords Using Word Extraction

Haibo Cheng, Wenting Li, Ping Wang, Kaitai Liang

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

2 Citations (Scopus)


Probabilistic context-free grammars (PCFGs) have been pro-posed to capture password distributions, and further been used in password guessing attacks and password strength meters. However, current PCFGs suffer from the limitation of inaccurate segmentation of password, which leads to misestimation of password probability and thus seriously affects their performance. In this paper, we propose a word extraction approach for passwords, and further present an improved PCFG model, called WordPCFG. The WordPCFG using word extraction method can precisely extract semantic segments (called word) from passwords based on cohesion and freedom of words. We evaluate our WordPCFG on six large-scale datasets, showing that WordPCFG cracks 83.04%–95.47% passwords and obtains 12.96%–71.84% improvement over the state-of-the-art PCFGs.
Original languageEnglish
Title of host publicationICASSP 2021 - 2021 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)
Place of PublicationPiscataway
Number of pages5
ISBN (Electronic)978-1-7281-7605-5
ISBN (Print)978-1-7281-7606-2
Publication statusPublished - 2021
EventICASSP 2021: The IEEE International Conference on Acoustics, Speech, and Signal Processing - Virtual Conference/Toronto, Canada
Duration: 6 Jun 202111 Jun 2021


ConferenceICASSP 2021
CityVirtual Conference/Toronto


  • Password
  • Probabilistic context-free grammar
  • Word extraction


Dive into the research topics of 'Improved Probabilistic Context-Free Grammars for Passwords Using Word Extraction'. Together they form a unique fingerprint.

Cite this