This is an implementation of the Interpretable Probabilistic password meter we proposed here. Our work has been accepted and presented at ESORICS-2020.
How it works:
The meter relies on a Deep Convolution Neural Network to model the probability of a password and the characters that compose it. This is achieved by training the neural net on a massive collection of weak passwords that have been obtained from public password breaches. The network is trained in a kind of "masked language modeling" similar to BERT (but on passwords).
Here, we use the trained network to detect insecure composition patterns in your password and make them explicit via a color-based feedback mechanism. The colors encode the probability assigned to each character from the neural net; that is, "the probability of observing that specific character knowing the values of all the other characters in the password". Check the paper for more details.
How to use it:
The red characters are the insecure ones and indicate your password components that make the attacker's job easier. By modifying them, you will improve your password with a minimal number of changes. The green characters, instead, are very hard to guess for an attacker and can be kept unchanged.