Abstract: The present disclosure provides an early warning to the user regarding a probable insecure password while the password is being created. Conventional methods display only password strengths to the users, such as “weak” or “strong”. The present disclosure receives a password from the user. Further, a password structure corresponding to the password is generated. After obtaining the password structure, a first match value is computed based on a comparison between the password structure and a plurality of predefined password heuristics. Further, a plurality of partially matched password structures is generated when the first match value is zero. Further, a frequency of occurrence of each of the plurality of partially matched password structures is computed using path ranking. Further, the plurality of partially matched password structures is converted into corresponding textual data using natural language generation. Finally, dynamic password awareness information is generated and displayed to the user.
FORM 2
THE PATENTS ACT, 1970
(39 of 1970)
&
THE PATENT RULES, 2003
COMPLETE SPECIFICATION (See Section 10 and Rule 13)
Title of invention:
METHOD AND SYSTEM FOR DYNAMIC GENERATION OF PASSWORD HEURISTICS
Applicant
Tata Consultancy Services Limited A company Incorporated in India under the Companies Act, 1956
Having address:
Nirmal Building, 9th floor,
Nariman point, Mumbai 400021,
Maharashtra, India
Preamble to the description
The following specification particularly describes the invention and the manner in which it is to be performed.
TECHNICAL FIELD
[001] The disclosure herein generally relates to the field of cyber security and, more particularly, to a method and system for dynamic generation of password heuristics.
BACKGROUND
[002] Cybersecurity threats are on the rise every day, with new cybersecurity attacks being reported on a regular basis. Password security is a major concern when it comes to protecting personal information. Despite many newer forms of authentication methods, the use of passwords is still at large. Various studies show that users are likely to create weaker passwords due to lack of knowledge in creating stronger passwords and limitations in remembering longer passwords. Effective password creation strategies are necessary in such a scenario.
[003] Some conventional methods display password strength meters to show users how “weak” or “strong” their entered passwords are. While this rating gives the user feedback, the actual strength can be different, and relative to policies set by organizations. For example, a user logging into the office machine of an organization will have to follow the password policies of that organization, which might be different from the way the user chooses the password of a personal account. So, a strength meter could show the same statistics for both accounts, which might result in a stronger password in one and a commonly used password in another. Some conventional methods recommend a set of rules for the user to follow. This leads to multiple users following the same rule, thereby resulting in varied instances of the same character combinations leading to similar passwords. Hence there is a challenge in generating dynamic password heuristics and in guiding the users to generate varying passwords.
SUMMARY
[004] Embodiments of the present disclosure present technological improvements as solutions to one or more of the above-mentioned technical problems recognized by the inventors in conventional systems. For example, in one embodiment, a method for dynamic generation of password heuristics is provided. The method includes receiving, by one or more hardware processors, a password from a user, wherein the password is made of at least one of a plurality of alphabets, a plurality of numerical characters and a plurality of special characters. Further, the method includes generating, by the one or more hardware processors, a password structure corresponding to the password based on a comparison between the password and a plurality of predefined password structures stored in a database, wherein each of the plurality of predefined password structures comprises a plurality of characters. Furthermore, the method includes computing, by the one or more hardware processors, a first match value based on a comparison between the password structure and a plurality of predefined password heuristics. Furthermore, the method includes generating, by the one or more hardware processors, an insecure password warning to the user if the computed first match value is equal to one. Furthermore, the method includes generating, by the one or more hardware processors, a plurality of partially matched password structures based on a comparison between the password structure and a plurality of dynamic password heuristics if the computed first match value is equal to zero. Furthermore, the method includes computing, by the one or more hardware processors, a frequency of occurrence of each of the plurality of partially matched password structures using a path ranking based tree traversal technique. Furthermore, the method includes generating, by the one or more hardware processors, a probable insecure password warning to the user if the frequency of occurrence is more than a predefined threshold. Furthermore, the method includes updating, by the one or more hardware processors, a password structure tree by inserting a subtree corresponding to each of the plurality of partially matched password structures with the frequency of occurrence equal to zero. Furthermore, the method includes converting, by the one or more hardware processors, each of the plurality of partially matched password structures into a corresponding textual data using a pretrained Natural Language Generation (NLG) technique. Finally, the method includes generating, by the one or more hardware processors, a dynamic password awareness information for the user based on the password structure, the plurality of partially matched password structures, the frequency of occurrence of each of the plurality of partially matched password structures and the textual data using the pretrained NLG technique.
[005] In another aspect, a system for dynamic generation of password heuristics is provided. The system includes at least one memory storing programmed instructions, one or more Input/Output (I/O) interfaces, and one or more hardware processors operatively coupled to the at least one memory, wherein the one or more hardware processors are configured by the programmed instructions to receive a password from a user, wherein the password is made of at least one of a plurality of alphabets, a plurality of numerical characters and a plurality of special characters. Further, the one or more hardware processors are configured by the programmed instructions to generate a password structure corresponding to the password based on a comparison between the password and a plurality of predefined password structures stored in a database, wherein each of the plurality of predefined password structures comprises a plurality of characters. Furthermore, the one or more hardware processors are configured by the programmed instructions to compute a first match value based on a comparison between the password structure and a plurality of predefined password heuristics. Furthermore, the one or more hardware processors are configured by the programmed instructions to generate an insecure password warning to the user if the computed first match value is equal to one. Furthermore, the one or more hardware processors are configured by the programmed instructions to generate a plurality of partially matched password structures based on a comparison between the password structure and a plurality of dynamic password heuristics if the computed first match value is equal to zero. Furthermore, the one or more hardware processors are configured by the programmed instructions to compute a frequency of occurrence of each of the plurality of partially matched password structures using a path ranking based tree traversal technique. Furthermore, the one or more hardware processors are configured by the programmed instructions to generate a probable insecure password warning to the user if the frequency of occurrence is more than a predefined threshold. Furthermore, the one or more hardware processors are configured by the programmed instructions to update a password structure tree by inserting a subtree corresponding to each of the plurality of partially matched password structures with the frequency of occurrence equal to zero. Furthermore, the one or more hardware processors are configured by the programmed instructions to convert each of the plurality of partially matched password structures into a corresponding textual data using a pretrained Natural Language Generation (NLG) technique. Finally, the one or more hardware processors are configured by the programmed instructions to generate a dynamic password awareness information for the user based on the password structure, the plurality of partially matched password structures, the frequency of occurrence of each of the plurality of partially matched password structures and the textual data using the pretrained NLG technique.
[006] In yet another aspect, a computer program product including a non-transitory computer-readable medium having embodied therein a computer program for dynamic generation of password heuristics is provided. The computer readable program, when executed on a computing device, causes the computing device to receive a password from a user, wherein the password is made of at least one of a plurality of alphabets, a plurality of numerical characters and a plurality of special characters. Further, the computer readable program, when executed on a computing device, causes the computing device to generate a password structure corresponding to the password based on a comparison between the password and a plurality of predefined password structures stored in a database, wherein each of the plurality of predefined password structures comprises a plurality of characters. Furthermore, the computer readable program, when executed on a computing device, causes the computing device to compute a first match value based on a comparison between the password structure and a plurality of predefined password heuristics. Furthermore, the computer readable program, when executed on a computing device, causes the computing device to generate an insecure password warning to the user if the computed first match value is equal to one. Furthermore, the computer readable program, when executed on a computing device, causes the computing device to generate a plurality of partially matched password structures based on a comparison between the password structure and a plurality of dynamic password heuristics if the computed first match value is equal to zero. Furthermore, the computer readable program, when executed on a computing device, causes the computing device to compute a frequency of occurrence of each of the plurality of partially matched password structures using a path ranking based tree traversal technique. Furthermore, the computer readable program, when executed on a computing device, causes the computing device to generate a probable insecure password warning to the user if the frequency of occurrence is more than a predefined threshold. Furthermore, the computer readable program, when executed on a computing device, causes the computing device to update a password structure tree by inserting a subtree corresponding to each of the plurality of partially matched password structures with the frequency of occurrence equal to zero. Furthermore, the computer readable program, when executed on a computing device, causes the computing device to convert each of the plurality of partially matched password structures into a corresponding textual data using a pretrained Natural Language Generation (NLG) technique. Finally, the computer readable program, when executed on a computing device, causes the computing device to generate a dynamic password awareness information for the user based on the password structure, the plurality of partially matched password structures, the frequency of occurrence of each of the plurality of partially matched password structures and the textual data using the pretrained NLG technique.
[007] It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention, as claimed.
BRIEF DESCRIPTION OF THE DRAWINGS
[008] The accompanying drawings, which are incorporated in and constitute a part of this disclosure, illustrate exemplary embodiments and, together with the description, serve to explain the disclosed principles:
[009] FIG. 1 is a functional block diagram of a system for dynamic generation of password heuristics, in accordance with some embodiments of the present disclosure.
[0010] FIGS. 2A and 2B are exemplary flow diagrams illustrating a method for dynamic generation of password heuristics, implemented by the system of FIG. 1, in accordance with some embodiments of the present disclosure.
[0011] FIG. 3 is an exemplary password structure representation corresponding to a password for the processor implemented method for dynamic generation of password heuristics implemented by the system of FIG. 1, in accordance with some embodiments of the present disclosure.
[0012] FIGS. 4A and 4B illustrate a dynamic password heuristics tree for dynamic generation of password heuristics implemented by the system of FIG. 1, in accordance with some embodiments of the present disclosure.
[0013] FIG. 5 is an example overall architecture for the processor implemented method for dynamic generation of password heuristics implemented by the system of FIG. 1, in accordance with some embodiments of the present disclosure.
DETAILED DESCRIPTION OF EMBODIMENTS
[0014] Exemplary embodiments are described with reference to the accompanying drawings. In the figures, the left-most digit(s) of a reference number identifies the figure in which the reference number first appears. Wherever convenient, the same reference numbers are used throughout the drawings to refer to the same or like parts. While examples and features of disclosed principles are described herein, modifications, adaptations, and other implementations are possible without departing from the spirit and scope of the disclosed embodiments.
[0015] Embodiments herein provide a method and system for dynamic generation of password heuristics for generating password awareness information to the user. The method and system provide an early warning to the user regarding a probable insecure password while the password is being created. The system receives a password from the user. Further, the system generates a password structure corresponding to the password based on a comparison between the password and a plurality of predefined password structures. After obtaining the password structure, the system computes a first match value based on a comparison between the password structure and a plurality of predefined password heuristics, wherein the user is warned of an insecure password if the first match value is one. Further, the system generates a plurality of partially matched password structures based on a comparison between the password structure and a plurality of dynamic password heuristics if the first match value is zero. Further, a frequency of occurrence of each of the plurality of partially matched password structures is computed using a path ranking based tree traversal technique, wherein the user is warned of a probable insecure password if the frequency of occurrence is greater than a predefined threshold. After computing the frequency of occurrence, the password structure tree is updated by inserting a subtree corresponding to each of the plurality of partially matched password structures with the frequency of occurrence equal to zero. After updating the password structure tree, the system converts each of the plurality of partially matched password structures into a corresponding textual data using a Natural Language Generation (NLG) technique. Finally, a dynamic password awareness information is generated for the user based on the password structure, the plurality of partially matched password structures, the frequency of occurrence of each of the plurality of partially matched password structures and the textual data using a pre-trained NLG technique.
[0016] Referring now to the drawings, and more particularly to FIGS. 1 through 5, where similar reference characters denote corresponding features consistently throughout the figures, there are shown preferred embodiments and these embodiments are described in the context of the following exemplary system and/or method.
[0017] FIG. 1 is a functional block diagram of a system 100 for dynamic generation of password heuristics, according to some embodiments of the present disclosure. The system 100 includes or is otherwise in communication with hardware processors 102, at least one memory such as a memory 104, an I/O interface 112. The hardware processors 102, memory 104, and the Input/Output (I/O) interface 112 may be coupled by a system bus such as a system bus 108 or a similar mechanism. In an embodiment, the hardware processors 102 can be one or more hardware processors.
[0018] The I/O interface 112 may include a variety of software and hardware interfaces, for example, a web interface, a graphical user interface, and the like. The I/O interface 112 may include a variety of software and hardware interfaces, for example, interfaces for peripheral device(s), such as a keyboard, a mouse, an external memory, a printer and the like. Further, the I/O interface 112 may enable the system 100 to communicate with other devices, such as web servers, and external databases.
[0019] The I/O interface 112 can facilitate multiple communications within a wide variety of networks and protocol types, including wired networks, for example, local area network (LAN), cable, etc., and wireless networks, such as Wireless LAN (WLAN), cellular, or satellite. For the purpose, the I/O interface 112 may include one or more ports for connecting several computing systems with one another or to another server computer. The I/O interface 112 may include one or more ports for connecting several devices to one another or to another server.
[0020] The one or more hardware processors 102 may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, node machines, logic circuitries, and/or any devices that manipulate signals based on operational instructions. Among other capabilities, the one or more hardware processors 102 is configured to fetch and execute computer-readable instructions stored in the memory 104.
[0021] The memory 104 may include any computer-readable medium known in the art including, for example, volatile memory, such as static random access memory (SRAM) and dynamic random access memory (DRAM), and/or non-volatile memory, such as read only memory (ROM), erasable programmable ROM, flash memories, hard disks, optical disks, and magnetic tapes. In an embodiment, the memory 104 includes a plurality of modules 106 or modules 106. The memory 104 also includes a data repository (or repository) 110 for storing data processed, received, and generated by the plurality of modules 106.
[0022] The plurality of modules 106 include programs or coded instructions that supplement applications or functions performed by the system 100 for dynamic generation of password heuristics. The plurality of modules 106, amongst other things, can include routines, programs, objects, components, and data structures, which perform particular tasks or implement particular abstract data types. The plurality of modules 106 may also be used as signal processor(s), node machine(s), logic circuitries, and/or any other device or component that manipulates signals based on operational instructions. Further, the plurality of modules 106 can be used by hardware, by computer-readable instructions executed by the one or more hardware processors 102, or by a combination thereof. The plurality of modules 106 can include various sub-modules (not shown). The plurality of modules 106 may include computer-readable instructions that supplement applications or functions performed by the system 100 for dynamic generation of password heuristics. In an embodiment, the plurality of modules 106 includes a password structure identification module (not shown in FIG. 1), a matching module (not shown in FIG. 1), a frequency of occurrence computation module (not shown in FIG. 1), a tree updating module (not shown in FIG. 1), a Natural Language Generation module (not shown in FIG. 1), and a dynamic password awareness information generation module (not shown in FIG. 1).
[0023] The data repository (or repository) 110 may include a plurality of abstracted piece of code for refinement and data that is processed, received, or generated as a result of the execution of the plurality of modules in the module(s) 106.
[0024] Although the data repository 110 is shown internal to the system 100, it will be noted that, in alternate embodiments, the data repository 110 can also be implemented external to the system 100, where the data repository 110 may be stored within a database (not shown in FIG. 1) communicatively coupled to the system 100. The data contained within such external database may be periodically updated. For example, new data may be added into the database (not shown in FIG. 1) and/or existing data may be modified and/or non-useful data may be deleted from the database (not shown in FIG. 1). In one example, the data may be stored in an external system, such as a Lightweight Directory Access Protocol (LDAP) directory and a Relational Database Management System (RDBMS).
[0025] FIGS. 2A and 2B are exemplary flow diagrams illustrating a method 200 for dynamic generation of password heuristics implemented by the system of FIG. 1 according to some embodiments of the present disclosure. In an embodiment, the system 100 includes one or more data storage devices or the memory 104 operatively coupled to the one or more hardware processor(s) 102 and is configured to store instructions for execution of steps of the method 200 by the one or more hardware processors 102. The steps of the method 200 of the present disclosure will now be explained with reference to the components or blocks of the system 100 as depicted in FIG. 1 and the steps of flow diagram as depicted in FIG. 2A and 2B. The method 200 may be described in the general context of computer executable instructions. Generally, computer executable instructions can include routines, programs, objects, components, data structures, procedures, modules, functions, etc., that perform particular functions or implement particular abstract data types. The method 200 may also be practiced in a distributed computing environment where functions are performed by remote processing devices that are linked through a communication network. The order in which the method 200 is described is not intended to be construed as a limitation, and any number of the described method blocks can be combined in any order to implement the method 200, or an alternative method. Furthermore, the method 200 can be implemented in any suitable hardware, software, firmware, or combination thereof.
[0026] At step 202 of the method 200, the one or more hardware processors 102 are configured by the programmed instructions to receive a password from a user. The password is made of at least one of, a plurality of alphabets, a plurality of numerical characters and a plurality of special characters. For example, the password is “P@ssw0rd”.
[0027] At step 204 of the method 200, the one or more hardware processors 102 are configured by the programmed instructions to generate a password structure corresponding to the password based on a comparison between the password and a plurality of predefined password structures stored in a database. Each of the plurality of predefined password structures includes a plurality of characters. FIG. 3 is an exemplary password structure representation corresponding to a password for the processor implemented method for dynamic generation of password heuristics implemented by the system of FIG. 1, in accordance with some embodiments of the present disclosure. Now referring to FIG. 3, the row 302 indicates the password “P@ssw0rd” and the row 304 indicates the corresponding password structure “USLLLDLL”. Here, the uppercase alphabet of the password is represented as ‘U’, the lowercase alphabet is represented as ‘L’, the numerical characters are represented as ‘D’ and the special symbols are represented as ‘S’.
[0028] At step 206 of the method 200, the one or more hardware processors 102 are configured by the programmed instructions to compute a first match value based on a comparison between the password structure and a plurality of predefined password heuristics stored in the database.
[0029] At step 208 of the method 200, the one or more hardware processors 102 are configured by the programmed instructions to generate an insecure password warning to the user if the computed first match value is equal to one. The first match value is set to one if there is a match between the password structure and at least one of the plurality of predefined password heuristics. The first match value is set to zero if there is no match between the password structure and any of the plurality of predefined password heuristics.
[0030] At step 210 of the method 200, the one or more hardware processors 102 are configured by the programmed instructions to generate a plurality of partially matched password structures based on a comparison between the password structure and a plurality of dynamic password heuristics if the computed first match value is equal to zero. The plurality of dynamic password heuristics is stored in a password structure tree including a plurality of paths. Each of the plurality of paths includes a plurality of nodes and a plurality of edges. Each path is associated with a rank.
[0031] FIG. 4 illustrates a dynamic password heuristics tree for dynamic generation of password heuristics implemented by the system of FIG. 1, in accordance with some embodiments of the present disclosure. Now referring to FIG. 4, the first tier 402 of the password structure tree includes a plurality of nodes L, U, D and S corresponding to lowercase alphabet, uppercase alphabet, digit, and special character. Each node is connected to a plurality of neighbor nodes. For example, the neighbor nodes present in the second tier 404 corresponding to the node ‘U’ from the tier 402 are the nodes “UL”, “UU”, “UD” and “US”, which indicate the possible combinations of symbols corresponding to the symbol ‘U’ associated with the tier 402. Similarly, the third tier 406 indicates a plurality of possible symbol combinations corresponding to the node “UL” of the second tier 404. Now referring to the third tier 406, the possible combinations of symbols corresponding to the node “UL” of the second tier 404 are “ULL”, “ULU”, “ULD”, “ULS” and the like.
[0032] At step 212 of the method 200, the one or more hardware processors 102 are configured by the programmed instructions to compute a frequency of occurrence of each of the plurality of partially matched password structures using a path ranking based tree traversal technique.
[0033] In an embodiment, the step of computing the frequency of occurrence of each of the plurality of partially matched password structures using a path ranking based tree traversal technique includes the following steps. Initially, each of the plurality of characters corresponding to the password structure is compared with each of the plurality of nodes associated with the password structure tree by traversing the password structure tree. Further, the rank associated with each of the plurality of paths is incremented if there is a match between each of the plurality of characters corresponding to the password structure and each of a plurality of nodes associated with the corresponding path. Finally, the frequency of occurrence of each of the plurality of partially matched password structures is computed based on the rank associated with each of the plurality of subtrees corresponding to each of the plurality of partially matched password structures. Table I illustrates a plurality of password structures and the corresponding frequency of occurrences.
Table I
Sl. No | Password structure | Frequency of occurrences
1 | ULSDDSDD | 3
2 | LLLLSDDUD | 12
3 | ULLLLLLLSD | 24
4 | USLLLLLLDD | 54
5 | DDDDDDLL | 1
6 | ULSSD | 0
[0034] For example, now referring to FIG. 4A, let S1S2S3…Sn be the password structure. In an embodiment, various combinations of character classes (L, U, D, and S) are checked from the structure through tree traversal. Let S1 = U (the first character is an uppercase), then the possibilities of the second character are ‘U’, ‘L’, ‘D’ and ‘S’ as shown in the first tier 402. This forms 4 patterns “UL”, “UU”, “UD”, and “US” as shown in the second tier 404. If we follow UL, then the combinations further expand (as in previous figure). In this manner, the common patterns appearing within the password structure can be analyzed and, based on how many times each branch is traversed, the frequency of occurrence of each branch of the tree or subtree can be computed.
[0035] The circled numbers 1 and 2 of FIG. 4A indicate a path 1-2 followed while traversing “UUL” and the path 1-3 is the path obtained while traversing “ULD”. Similarly, the password structure tree provides a plurality of paths during traversal. The rank associated with each path is incremented each time the corresponding path is traversed. The rank of the path is the frequency of occurrence of the corresponding path.
[0036] At step 214 of the method 200, the one or more hardware processors 102 are configured by the programmed instructions to generate a probable insecure password warning to the user if the frequency of occurrence is more than a predefined threshold.
[0037] At step 216 of the method 200, the one or more hardware processors 102 are configured by the programmed instructions to update a password structure tree by inserting a subtree corresponding to each of the plurality of partially matched password structures with the frequency of occurrence equal to zero.
[0038] For example, referring to Table I, the password structure “ULSSD” has a frequency of occurrence of zero and hence it is inserted into the password structure tree as shown in FIG. 4B. Now referring to FIG. 4B, the third tier provides the password structure “ULS” and hence two nodes 406 and 408 corresponding to “ULSS” and “ULSSD” are inserted into the password structure tree shown in FIG. 4B.
[0039] At step 218 of the method 200, the one or more hardware processors 102 are configured by the programmed instructions to convert each of the plurality of partially matched password structures into a corresponding textual data using a pretrained Natural Language Generation (NLG) technique.
[0040] In an embodiment, for each of the plurality of paths that the system identifies as common based on the corresponding frequency of occurrence and the predefined threshold, the password structure corresponding to the path is converted to its corresponding text form. For example, if DDDD (a set of four digits) is found to occur very frequently and its frequency is over the predefined threshold of 35% (arbitrary number), DDDD will be converted to the heuristic: “D” => digit, and its count is 4. So in text form, it becomes “4 digits”.
[0041] At step 220 of the method 200, the one or more hardware processors 102 are configured by the programmed instructions to generate a dynamic password awareness information for the user based on the password structure, the plurality of partially matched password structures, the frequency of occurrence of each of the plurality of partially matched password structures and the textual data using the pre-trained NLG technique. The pretrained NLG technique converts the password structure-based information into human readable text. In an embodiment, the dynamic password awareness information is generated as follows. Initially, the textual data corresponding to the password structure and the plurality of partially matched password structures are received. The textual data includes the plurality of symbols and the frequency of occurrence of each of the plurality of symbols. For example, for the pattern “DDDD”, “D” => digit and its count is 4, so in text form it becomes “4 digits”.
[0042] In an embodiment, after receiving the textual data, a plurality of dynamic password awareness sentences is generated by lexicalization of the password structure, each of the plurality of partially matched password structures, and the frequency of occurrence corresponding to each of the plurality of partially matched password structures using the pre-trained NLG technique. The plurality of dynamic password awareness sentences is displayed to the user. For example, if the user creates a password with the “USSSSSDU” password structure, and if the frequency of occurrence of this pattern is greater than the predefined threshold, then it is identified as a common pattern followed by many users. The NLG technique measures the count of such patterns and displays the warning “You should avoid using 5 symbols in sequence, as 40% of the users follow the same practice”.
[0043] In another example, for a pattern “DDDD” if “D” => digit, its count is 4 and the frequency of occurrence is 35%, then the password awareness information generated by the pre-trained NLG technique is “Avoid using a combination of 4 digits consecutively as 35% of users have performed similar practice.”
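The structure-to-warning flow of paragraphs [0040] to [0043], as an added Python example that is not code from the specification. Assumptions: U and L are read as uppercase and lowercase letters, the tree is laid out as a suffix trie whose rank counts each password once, a fixed sentence template stands in for the pretrained NLG model, and all names and sample passwords are constructed.

```python
from itertools import groupby

NAMES = {"U": "uppercase letter", "L": "lowercase letter", "D": "digit", "S": "symbol"}

def structure(password):
    """Map each character to its class: 'Ab!1' -> 'ULSD' (anything else counts as S)."""
    classes = []
    for ch in password:
        if ch.isdigit():
            classes.append("D")
        elif ch.isupper():
            classes.append("U")
        elif ch.islower():
            classes.append("L")
        else:
            classes.append("S")
    return "".join(classes)

class Node:
    def __init__(self):
        self.children = {}
        self.rank = 0  # number of observed passwords whose structure contains this path

class StructureTree:
    """Stores structures only, never the passwords themselves."""
    def __init__(self):
        self.root = Node()
        self.total = 0

    def observe(self, struct):
        # Insert every suffix so that any sub-structure is a path from the root.
        # 'seen' makes each node's rank grow at most once per password.
        seen = set()
        for start in range(len(struct)):
            node = self.root
            for sym in struct[start:]:
                node = node.children.setdefault(sym, Node())
                if id(node) not in seen:
                    seen.add(id(node))
                    node.rank += 1
        self.total += 1

    def frequency(self, pattern):
        node = self.root
        for sym in pattern:
            node = node.children.get(sym)
            if node is None:
                return 0.0  # never seen: a candidate for insertion (step 216)
        return node.rank / self.total if self.total else 0.0

def awareness(password, tree, threshold=0.35, min_run=3):
    """Return one warning per run of a character class that is more common than threshold."""
    messages = []
    for sym, group in groupby(structure(password)):
        count = len(list(group))
        freq = tree.frequency(sym * count)
        if count >= min_run and freq > threshold:
            text = f"{count} {NAMES[sym]}s"  # "DDDD" -> "4 digits"
            messages.append(f"Avoid using {text} consecutively, as {freq:.0%} of users follow the same practice.")
    return messages

# Constructed sample passwords; 4 of the 10 contain a run of four digits.
SAMPLE = ["Pass1234", "hello2020", "Qw!9876z", "2019Abc#", "aB3$eF7*",
          "x9Y!k2M?", "Tr33#Top", "go_Home7", "R2d2&C3p", "mY-k3y-9"]

def build_sample_tree():
    tree = StructureTree()
    for pw in SAMPLE:
        tree.observe(structure(pw))
    return tree

if __name__ == "__main__":
    for line in awareness("Summer2024!x", build_sample_tree()):
        print(line)
```

Because only character-class structures are inserted, the tree can be shared or persisted without holding any user's password.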
[0044] FIG. 5 is an example overall architecture for the processor implemented method for dynamic generation of password heuristics implemented by the system of FIG. 1, in accordance with some embodiments of the present disclosure. Now referring to FIG. 5, the architecture includes a password structure identification module 502, a matching module 504, a frequency of occurrence computation module 506, a tree updating module 508, an NLG module 510 and a dynamic password awareness information generation module 512. Initially, the password is received by the password structure identification module 502 and a password structure corresponding to the password is generated based on the comparison between the password structure and the plurality of predefined password structures. Further, the matching module 504 computes the first match value and the plurality of partially matched password structures. The first match value is computed based on the comparison between the password structure and the plurality of predefined password heuristics. The user is warned of an insecure password if the first match value is one. The plurality of partially matched password structures is generated based on the comparison between the password structure and a plurality of dynamic password heuristics if the first match value is zero. Further, the frequency of occurrence computation module 506 computes the frequency of occurrence of each of the plurality of partially matched password structures using the path ranking based tree traversal technique. The user is warned of a probable insecure password if the frequency of occurrence is greater than the predefined threshold. The tree updating module 508 updates the password structure tree by inserting the subtree corresponding to each of the plurality of partially matched password structures with the frequency of occurrence equal to zero. The NLG module 510 converts each of the plurality of partially matched password structures into the corresponding textual data. Finally, the dynamic password awareness information generation module 512 generates the dynamic password awareness information for the user based on the password structure, the plurality of partially matched password structures, the frequency of occurrence of each of the plurality of partially matched password structures and the textual data using the pre-trained NLG technique.
[0045] In an embodiment, the NLG module is an encoder decoder model and is trained as follows. The NLG model is trained using a set of different password structure patterns and their corresponding human-readable text sentences. The input also comprises various existing password heuristics and sentences. For example, considering that the path obtained from the password structure tree is UDDDDLSDL, the common path is DDDD, which has a frequency of occurrence of 35%, which is above the predefined threshold. The said data is given as input to the encoder decoder model and the encoder decoder model is trained to generate the output “avoid using a combination of four digits consecutively since 35% of the users have performed a similar practice”. Similarly, the encoder decoder model is trained using a plurality of password structures and the corresponding human readable text sentences.
[0046] In an embodiment, the human readable text thus generated is used to create user awareness information. This can be administered either as an early warning to the user or as training content to train the user. The training involves various forms of software applications and interactive experiences that the user can opt to use. The training content will be a combination of various static and dynamic heuristics. This training content can be periodically updated via periodically running services. The training content has user text embedded into interactive user interfaces. The training methods also capture the user interactions and responses, which can then be used to perform data analysis, which further helps in tailoring the training content.
[0047] The written description describes the subject matter herein to enable any person skilled in the art to make and use the embodiments. The scope of the subject matter embodiments is defined by the claims and may include other modifications that occur to those skilled in the art. Such other modifications are intended to be within the scope of the claims if they have similar elements that do not differ from the literal language of the claims or if they include equivalent elements with insubstantial differences from the literal language of the claims.
[0048] The embodiments of the present disclosure herein address the unresolved problem of providing an early password warning while the password itself is being created. The early warning provides an insight into a probably insecure password. The early warning is generated based on the frequency of occurrence associated with each of the plurality of partially matched password structures, and the frequency of occurrence is obtained by traversing the dynamic password structure tree. Finally, the password awareness information is generated using the pretrained NLG technique.
[0049] It is to be understood that the scope of the protection is extended to such a program and in addition to a computer-readable means having a message therein such computer-readable storage means contain program-code means for implementation of one or more steps of the method when the program runs on a server or mobile device or any suitable programmable device. The hardware device can be any kind of device which can be programmed including e.g. any kind of computer like a server or a personal computer, or the like, or any combination thereof. The device may also include means which could be e.g. hardware means like e.g. an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA), or a combination of hardware and software means, e.g. an ASIC and an FPGA, or at least one microprocessor and at least one memory with software modules located therein. Thus, the means can include both hardware means and software means. The method embodiments described herein could be implemented in hardware and software. The device may also include software means. Alternatively, the embodiments may be implemented on different hardware devices, e.g. using a plurality of CPUs, GPUs and edge computing devices.
[0050] The embodiments herein can comprise hardware and software elements. The embodiments that are implemented in software include but are not limited to, firmware, resident software, microcode, etc. The functions performed by various modules described herein may be implemented in other modules or combinations of other modules. For the purposes of this description, a computer-usable or computer readable medium can be any apparatus that can comprise, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. The illustrated steps are set out to explain the exemplary embodiments shown, and it should be anticipated that ongoing technological development will change the manner in which particular functions are performed. These examples are presented herein for purposes of illustration, and not limitation. Further, the boundaries of the functional building blocks have been arbitrarily defined herein for the convenience of the description. Alternative boundaries can be defined so long as the specified functions and relationships thereof are appropriately performed. Alternatives (including equivalents, extensions, variations, deviations, etc., of those described herein) will be apparent to persons skilled in the relevant art(s) based on the teachings contained herein. Such alternatives fall within the scope and spirit of the disclosed embodiments. Also, the words “comprising,” “having,” “containing,” and “including,” and other similar forms are intended to be equivalent in meaning and be open ended in that an item or items following any one of these words is not meant to be an exhaustive listing of such item or items, or meant to be limited to only the listed item or items. It must also be noted that as used herein and in the appended claims, the singular forms “a,” “an,” and “the” include plural references unless the context clearly dictates otherwise. Furthermore, one or more computer-readable storage media may be utilized in implementing embodiments consistent with the present disclosure. A computer-readable storage medium refers to any type of physical memory on which information or data readable by a processor may be stored. Thus, a computer-readable storage medium may store instructions for execution by one or more processors, including instructions for causing the processor(s) to perform steps or stages consistent with the embodiments described herein. The term “computer-readable medium” should be understood to include tangible items and exclude carrier waves and transient signals, i.e. non-transitory. Examples include random access memory (RAM), read-only memory (ROM), volatile memory, nonvolatile memory, hard drives, CD ROMs, DVDs, flash drives, disks, and any other known physical storage media.
[0051] It is intended that the disclosure and examples be considered as exemplary only, with a true scope of disclosed embodiments being indicated by the following claims.
WE CLAIM:
1. A processor implemented method (200), the method comprising:
receiving (202), by one or more hardware processors, a password from a user, wherein the password is made of at least one of, a plurality of alphabets, a plurality of numerical characters and a plurality of special characters;
generating (204), by the one or more hardware processors, a password structure corresponding to the password based on a comparison between the password and a plurality of predefined password structures stored in database, wherein the each of the plurality of predefined password structures comprises a plurality of characters;
computing (206), by the one or more hardware processors, a first match value based on a comparison between the password structure and a plurality of predefined password heuristics;
generating (208), by the one or more hardware processors, an insecure password warning to the user if the computed first match value is equal to one;
generating (210), by the one or more hardware processors, a plurality of partially matched password structures based on a comparison between the password structure and a plurality of dynamic password heuristics if the computed first match value is equal to zero;
computing (212), by the one or more hardware processors, a frequency of occurrence of each of the plurality of partially matched password structures using a path ranking based tree traversal technique;
generating (214), by the one or more hardware processors, a probable insecure password warning to the user if the frequency of occurrence is more than a predefined threshold;
updating (216), by the one or more hardware processors, a password structure tree by inserting a subtree corresponding to each of the plurality of partially matched password structures with the frequency of occurrence equal to zero;
converting (218), by the one or more hardware processors, each of the plurality of partially matched password structures into a corresponding textual data using a pretrained Natural Language Generation (NLG) technique; and
generating (220), by the one or more hardware processors, a dynamic password awareness information for the user based on the password structure, the plurality of partially matched password structures, the frequency of occurrence of each of the plurality of partially matched password structures and the textual data using the pretrained NLG technique.
2. The method as claimed in claim 1, wherein the plurality of dynamic password heuristics is stored in the password structure tree comprising a plurality of paths, wherein each of the plurality of paths comprises a plurality of nodes and a plurality of edges and, wherein each path is associated with a rank.
3. The method as claimed in claim 1, the step of computing the frequency of occurrence corresponding to each of plurality of partially matched password structures by the path ranking based tree traversal technique comprises:
comparing each of the plurality of characters corresponding to the password structure with each of the plurality of nodes associated with the password structure tree by traversing the password structure tree;
incrementing the rank associated with each of the plurality of paths if there is a match between each of the plurality of characters corresponding to the password structure with each of a plurality of nodes associated with the corresponding path; and
computing the frequency of occurrence of each of plurality of partially matched password structures based on the rank associated with each of the plurality of subtrees corresponding to each of the plurality of partially matched password structures.
4. The method as claimed in claim 1, wherein the step of generating the dynamic password awareness information for the user based on the password structure, the plurality of partially matched password structures, the frequency of occurrence of each of the plurality of partially matched password structures and the textual data comprises:
receiving the textual data corresponding to the password structure and the plurality of partially matched password structures, wherein textual data comprises the plurality of symbols and the frequency of occurrence of each of the plurality of symbols; and
generating a plurality of dynamic password awareness sentences by lexicalization of, the password structure, each of the plurality of partially matched password structures, and the frequency of occurrence corresponding to each of the plurality of partially matched password structures using the pre-trained NLG technique, wherein the plurality of dynamic password awareness sentences are displayed to the user.
5. The method as claimed in claim 1, wherein the first match value is set to one if there is a match between the password structure and at least one of the plurality of predefined password heuristics, and the first match value is set to zero if there is no match between the password structure and at least one of the plurality of predefined password heuristics.
6. A system (100) comprising:
at least one memory (104) storing programmed instructions; one or more Input /Output (I/O) interfaces (112); and one or more hardware processors (102) operatively coupled to the at least one memory (104), wherein the one or more hardware processors (102) are configured by the programmed instructions to:
receive a password from a user, wherein the password is made of at least one of, a plurality of alphabets, a plurality of numerical characters and a plurality of special characters;
generate a password structure corresponding to the password based on a comparison between the password and a plurality of predefined password structures stored in database, wherein the each of the plurality of predefined password structures comprises a plurality of characters;
compute a first match value based on a comparison between the password structure and a plurality of predefined password heuristics;
generate an insecure password warning to the user if the computed first match value is equal to one;
generate a plurality of partially matched password structures based on a comparison between the password structure and a plurality of dynamic password heuristics if the computed first match value is equal to zero;
compute a frequency of occurrence of each of the plurality of partially matched password structures using a path ranking based tree traversal technique;
generate a probable insecure password warning to the user if the frequency of occurrence is more than a predefined threshold;
update a password structure tree by inserting a subtree corresponding to each of the plurality of partially matched password structures with the frequency of occurrence equal to zero;
convert each of the plurality of partially matched password structures into a corresponding textual data using a pretrained Natural Language Generation (NLG) technique; and
generate a dynamic password awareness information for the user based on the password structure, the plurality of partially matched password structures, the frequency of occurrence of each of the plurality of partially matched password structures and the textual data using the pretrained NLG technique.
7. The system of claim 6, wherein the plurality of dynamic password heuristics is stored in the password structure tree comprising a plurality of paths, wherein each of the plurality of paths comprises a plurality of nodes and a plurality of edges and, wherein each path is associated with a rank.
8. The system of claim 6, the step of computing the frequency of occurrence corresponding to each of plurality of partially matched password structures by the path ranking based tree traversal technique comprises:
comparing each of the plurality of characters corresponding to the password structure with each of the plurality of nodes associated with the password structure tree by traversing the password structure tree;
incrementing the rank associated with each of the plurality of paths if there is a match between each of the plurality of characters corresponding to the password structure with each of a plurality of nodes associated with the corresponding path; and
computing the frequency of occurrence of each of plurality of partially matched password structures based on the rank associated with each of the plurality of subtrees corresponding to each of the plurality of partially matched password structures.
9. The system of claim 6, wherein the step of generating the dynamic password awareness information for the user based on the password structure, the plurality of partially matched password structures, the frequency of occurrence of each of the plurality of partially matched password structures and the textual data comprises:
receiving the textual data corresponding to the password structure and the plurality of partially matched password structures, wherein textual data comprises the plurality of symbols and the frequency of occurrence of each of the plurality of symbols; and
generating a plurality of dynamic password awareness sentences by lexicalization of, the password structure, each of the plurality of partially matched password structures, and the frequency of occurrence corresponding to each of the plurality of partially matched password structures using the pre-trained NLG technique, wherein the plurality of dynamic password awareness sentences are displayed to the user.
10. The system of claim 6, wherein the first match value is set to one if there is a match between the password structure and at least one of the plurality of predefined password heuristics, and the first match value is set to zero if there is no match between the password structure and at least one of the plurality of predefined password heuristics.
| # | Name | Date |
|---|---|---|
| 1 | 202121042559-STATEMENT OF UNDERTAKING (FORM 3) [20-09-2021(online)].pdf | 2021-09-20 |
| 2 | 202121042559-REQUEST FOR EXAMINATION (FORM-18) [20-09-2021(online)].pdf | 2021-09-20 |
| 3 | 202121042559-PROOF OF RIGHT [20-09-2021(online)].pdf | 2021-09-20 |
| 4 | 202121042559-FORM 18 [20-09-2021(online)].pdf | 2021-09-20 |
| 5 | 202121042559-FORM 1 [20-09-2021(online)].pdf | 2021-09-20 |
| 6 | 202121042559-FIGURE OF ABSTRACT [20-09-2021(online)].jpg | 2021-09-20 |
| 7 | 202121042559-DRAWINGS [20-09-2021(online)].pdf | 2021-09-20 |
| 8 | 202121042559-DECLARATION OF INVENTORSHIP (FORM 5) [20-09-2021(online)].pdf | 2021-09-20 |
| 9 | 202121042559-COMPLETE SPECIFICATION [20-09-2021(online)].pdf | 2021-09-20 |
| 10 | 202121042559-FORM-26 [21-10-2021(online)].pdf | 2021-10-21 |
| 11 | Abstract1.jpg | 2021-11-29 |
| 12 | 202121042559-FER.pdf | 2023-09-18 |
| 13 | 202121042559-FER_SER_REPLY [12-02-2024(online)].pdf | 2024-02-12 |
| 14 | 202121042559-CLAIMS [12-02-2024(online)].pdf | 2024-02-12 |
| 1 | 202121042559E_15-09-2023.pdf |