- ๐ Frontend (Streamlit App): https://password-strength-ml.streamlit.app/
- ๐ Backend API (FastAPI on Render): https://password-strength-ml-m21m.onrender.com
- ๐ API Docs: https://password-strength-ml-m21m.onrender.com/docs
This project is a full-stack Machine Learning application that evaluates password strength in real time.
It combines:
- ๐ง A trained ML model (Random Forest)
- โก A REST API built with FastAPI
- ๐จ An interactive UI built with Streamlit
Users can input a password and instantly get:
- Strength classification (Weak / Medium / Strong)
- Security insights (entropy, patterns)
- Improvement suggestions
- Feature-engineered password analysis
- Entropy-based complexity measurement
- Random Forest classifier (multi-class)
- REST API using FastAPI
- JSON-based prediction endpoint (
/predict) - Deployed on Render
- Interactive UI using Streamlit
- Password generator ๐
- Strength score (0โ100)
- Entropy calculation ๐
- Real-time feedback & suggestions
- API health monitoring
password-strength-ml/
โ
โโโ assets/ # Screenshots
โโโ data/ # Dataset (rockyou.txt)
โโโ models/ # Trained model (.pkl)
โ
โโโ src/
โ โโโ data_loader.py
โ โโโ preprocessing.py
โ โโโ feature_engineering.py
โ โโโ model.py
โ โโโ train.py
โ
โโโ api/
โ โโโ main.py # FastAPI backend
โ
โโโ streamlit_app.py # Streamlit frontend
โโโ main.py # CLI prediction
โโโ requirements.txt
โโโ README.md
Download RockYou dataset from Kaggle and place it in:
data/rockyou.txt
- RockYou password dataset (real-world leaked passwords)
- Synthetic strong passwords generated programmatically
Password length Uppercase / lowercase count Digits & special characters Character ratios Entropy (randomness measure) Weak pattern detection ("123", "password") Repetition patterns
Algorithm: Random Forest Classifier Library: scikit-learn Classes: 0 โ Weak 1 โ Medium 2 โ Strong
git clone https://github.com/prathameshsail72-hue/password-strength-ml.git cd password-strength-ml
python -m venv venv venv\Scripts\activate # Windows
pip install -r requirements.txt
Run Backend (API) uvicorn api.main:app --reload
Visit: http://127.0.0.1:8000/docs
Run Frontend (Streamlit) streamlit run streamlit_app.py
The model is evaluated using:
- Accuracy
- Precision / Recall / F1-score
No breach detection (e.g. leaked passwords) Rule-based + ML hybrid (not attack simulation) Synthetic strong passwords used for balancing Render free tier causes cold start delays
Run the app locally:
๐ Integrate Have I Been Pwned API ๐ง Deep Learning (LSTM / Transformers) ๐ Confidence score output โก Caching & performance optimization ๐ Multi-language password analysis
Contributions are welcome! Feel free to open issues or submit pull requests.
This project is open-source and available under the MIT License.
Prathamesh Sail GitHub: https://github.com/prathameshsail72-hue




