SE MINI-PROJECT REPORT ON

PASSWORD GENERATOR AS CHROME EXTENSION

Manoj Ramashish Gupta SE-15 Roll No. 10

Yash Pratap Kori SE-15 Roll No. 16
Vedant Ashok Patiyane SE-15 Roll number. 24
Kedar Prashant Wagh SE-15 roll number. 51

Led by Mrs. Meghali Kalyankar

Department of Cyber Security

SHAH & W.T. Patil Marg, Chembur, Mumbai 400088 Affiliated to University of
Mumbai approved by D.T.E. & A.I.C.T.E.
0-
99
# The UG program has been sanctioned by the NBA for three years beginning July 1,
2019.
Manoj Ramashish Gupta is SE-15 Roll No. 10
Yash Pratap Kori SE-15 Roll No. 16
Vedant Ashok Patiyane SE-15 Roll No. 24
Kedar Prashant Wagh SE-15 roll number. 51
University of Mumbai
in III.
CYBER SECURITY

__________________
(Ms. Meghali Kalyankar)
Guide

4 ________________ 44 (_____________________________ 44) Nilakshi Jain) (Dr. Mini

project report for S E. Semester III

This project report by Manoj Ramashish Gupta, Yash Pratap Koli, Vedant Ashok
Patiyane and Kedar Prashant Wagh entitled PASSWORD GENERATOR AS A CHROME EXTENSION
is published for III. A semester that partially meets the requirements for a
bachelor's degree.

Guide:
Ms. Meghali Kalyankar

Examiner:
1st
________________________________________

2.__________________________

Date:
Place: Mumbai

Statement
I declare that this written submission expresses my thoughts in my own words. to
the original source. We also adhere to all principles of academic honesty and
integrity and do not misrepresent, invent, or falsify any ideas/data/facts/sources
contained in my submission. Violation of the foregoing shall be grounds for
disciplinary action by the Institute, and shall not constitute criminal conduct
from sources not properly cited or, where appropriate, without proper
authorization.

Name & Reel Number: Signature:

Manoj Ramashish Gupta (SE-10)
Yash Pratap Koli (SE-16)
Vedant Ashok Patiyane (SE-24)
Kedar Prashant Wagh (SE-51)

Date:

Summary There are many password generators on the Internet. However, they are not
certain and are of a general nature. Many users have trouble remembering complex
passwords and tend to use old passwords more often. This project presents a new
technique for generating random and complex passwords by selecting letters and
numbers entered by the user. Users can also choose multiple unique and complex
passwords from the combinations they enter. It generates passwords from a selection
of letters and numbers entered by the user, making them more reliable and easier to
remember. In general, we recommend using open-source security tools whenever
possible, as the quality of the methods used can be independently verified. Note
that randomly generated passwords do not guarantee secure passwords. In fact,
there is absolutely no need to generate passwords in a completely random process.
It should be hard enough to guess. There are many examples of "random" password
generators on the Internet, but generating randomness can be difficult and many
programs do not generate random characters in a way that guarantees strong
security.
In general, we recommend using open-source security tools whenever possible, as the
quality of the methods used can be independently verified. Note that just randomly
generating a password doesn't mean it's a strong password. In fact, there is
absolutely no need to generate passwords in a completely random process. Must be
hard enough to guess.
Keywords: password, management, random, complexity, security.
Table of Contents
TOC \h \u \z Abstract PAGEREF _Toc118653042 \h 1List of Figure PAGEREF
_Toc118653043 \h 3List of Tables PAGEREF _Toc118653044 \h 3List of Abbreviation and
notations: PAGEREF _Toc118653045 \h 4Chapter 1: PAGEREF _Toc118653046 \h
6Introduction PAGEREF _Toc118653047 \h 61.1 Introducing password generator PAGEREF
_Toc118653048 \h 71.2 Managing Password PAGEREF _Toc118653049 \h 81.3 Motive
PAGEREF _Toc118653050 \h 8Chapter 2: PAGEREF _Toc118653051 \h 10Problem Statement
PAGEREF _Toc118653052 \h 10Chapter 3: PAGEREF _Toc118653053 \h 12Review of
Literature PAGEREF _Toc118653054 \ h 123.1 Research Gaps and Findings PAGEREF
_Toc118653055 \h 13Chapter 4: Comparative Analysis PAGEREF _Toc118653056 \h
15Chapter 5: Implementation PAGEREF _Toc118653057 \h 205.1 Implementation PAGEREF
_Toc118653058 \h 215.1.1 Chrome Extension PAGEREF _Toc118653059 \h 215.1.2 Creating
Chrome Extension PAGEREF _Toc118653060 時 215
In step 1.3, add this project as a Chrome browser extension. PAGEREF
_Toc118653061 \h 215.1.4 Flow Chart PAGEREF _Toc118653062 \h 22Chapter 6:Design
Details PAGEREF _Toc118653063 \h 236.1 Language Used PAGEREF _Toc118653064 \h 246.2
Technology used PAGEREF _Toc118653065 \h 246.3 API File PAGEREF _Toc118653066 \h
246.4 Steps PAGEREF _Toc118653067 \h 24Chapter 7: Future Scope PageRef
_toc118653068\H 26Chapter 8: Conclusion PageRef _toc118653069\h 28Chapter 9:
References PageRef _toc118653070\h 3044 - _toc118\H\H Figure Password Generator 6
Figure 1. Two Password Manager Cyber Victim 8 Figure 3. 1 Flowchart 13
Figure 5.1 Load Unpack 20
Figure 5.2 Flowchart 21
 List of Tables TOC \h \u \z Table 1
1 List of Abbreviation 3
Table 4. 1 Comparative Analysis 15
List of Abbreviation and notations:Table 1. 1 List of Abbreviations
HTTP Hypertext Transfer Protocol
HTML Hypertext markup language
CSS Cascading Style Sheets
IOT Internet Of Things
OTP One Time Password
PCFG Probabilistic Context-Free Grammars
CSSM Cloud Secure Storage Mechanism
ASR Automatic Speech Recognition
AGM Advanced Graphics Module.
BIST Built-in self-test
ICs Industrial control system
ERA Electrical Replaceable Assembly
AES Advanced Encryption Standard.
RPA Robotic Process Automation
PCFG Probabilistic Context-Free Grammars
LT-LFSR Linear Feedback Shift Register
CPM Critical path method
PUF Physical unclonable function
VRP Vehicle routing problem
SRAM Static random-access memory
FPGA Field programmable gate array
DOM Document Object Model
IoV Input/output virtualization
QR code Quick response code
OS Operating System
CSCWD Computer Supported Co- Operative Work In Design
VSCODE Visual Studio code
IP Internet Protocol
SSH Secure Shell
DOS Denial Of Service
DDOS Distributed Denial Of Service
FTP File Transfer Protocol
SNMP Simple Network Management Protocol
CPRI Common Public Ratio Interface
DNS Domain Name System
APT Advanced Persistent Threat
Chapter 1:Introduction
Chapter 1: Introduction
Introduction
Password Generator generates Random Password based on the following format
selected. If you need to create a temporary account through a website (Amazon,
Flipkart, etc.) to avoid periodic notifications and offers, you can do so using our
extension. The extension is much easier to use and allows you to create passwords
and manage passwords easily.
1.1 Introduction to Password Generator All you need to know about password
generator is the necessity of password generator.
Strong passwords are the key to protecting your personal assets on the Internet.
password generators are used to help generate highly secure passwords that are
difficult to track or hack.
Languages used are HTML, CSS and JavaScript.
Use a dynamic website
Figure 1.1 Password Generator

Password Generator pop-up screen to help you generate your password.

 Figure 1.2 Password manager
Password management tool to manage generated passwords
1.3 Motivation 81% of data breaches in 2020 were due to compromised credentials.
Passwords are less secure because the number of letters and numbers that can be
used in passwords is limited.
If the password length is too short, weak passwords can be guessed or attackers
can use brute force, so try random strings with special characters. It's hard to
remember for security reasons, but it's pretty secure. Strong passwords are also
required for proper storage.

Figure 1.3
Cyber Victims Country Statistics Country names indicate the number of cyber
victims
Chapter 2: Problem Description Chapter 2:
Problem Description The most common form of corporate and personal data breach.
Password attacks are easy when hackers try to steal passwords. Hackers know that
many passwords are poorly designed, so password attacks remain an attack vector
when passwords are in use. Using a password manager is the safest way to ensure
your credentials are properly encrypted
This protects your password from prying eyes and unauthorized access. Other types
of password generators are designed to generate more recognizable passwords instead
of completely random character sets. There are tools that generate pronounceable
passwords and custom tools that allow users to set advanced conditions. For
example, a user may be required to generate a new password with a certain number of
characters, a certain combination of letters and numbers, a certain number of
special characters, or other criteria. Password Generator helps users who
constantly need to invent new passwords, secure access to programs, and manage
large numbers of passwords for identity and access management. Another type of tool
is a password vault, where users store many passwords in one secure location.

Chapter 3: Literature Survey

Chapter 3:
Literature Survey
The literature survey for this project included 20 literature surveys based on the
password generator concept. Most of the papers were based on the concept of ease of
use rather than generating strong passwords. Other projects were based on how
password generators were created. The common conclusion of this paper was that it
is safer than any other generator. After reviewing this literature project, I have
gained more knowledge and insight into password generation and Chrome extension
implementations in the industry. These documents helped develop a password
generation concept that had never been implemented before. Passwords are an
important authentication method for computer-based collaborative systems and
generally should be easy to remember, strong, and non-reusable. Some password
managers help users manage site-specific passwords locally or in the cloud. PassImg
can ensure password usability and security through an offline management process
without storing data on the server[3].
QR code technology eliminates the need for central servers and networks, reducing
the attack vectors available to attackers. These papers propose security
methodologies to protect test pattern generators (TPGS) from hardware threats. TPGs
are vulnerable to malicious activity such as scan-based attacks against ICs. This
work provides a secure test pattern generator for BIST circuits by locking the
TPG's logic with a password or key [9]. In this paper, we simulate a game between
attackers and defenders to evaluate possible strategies in the honeyword system.
The attacker's guessing strategy uses top PW attacks and proposes a novel PassGAN-
based attack that allows password storage and management. The
project was quite complex, but the "Chrome extension" was quick and easy to
install and use.
A visual representation of all sorted data collected in Password Generator.
 Figure 3.1 Flowchart [1]
Password Generation Flowchart

Chapter 4: Comparative Analysis

Chapter 3:
Comparative Analysis
Table 4.1 Analysis
2022 Angron2
PBKDF2 passwords can be stored in a database.
Cannot be hacked Due to the data size limitation of QR codes, the sync process
does not send the image itself, only the hash value of the image.
MDBSCAN 3 PASSTRANS: Improved Password Reuse Model Based on TRANSFORMER 2022 ASR
Evaluate the performance of compromised password records. lose
cells
4 PG-Pass: Targeted Online Password Guessing Model Based on
Pointer Generator Network
2022 Based on AGM Probabilistic Context-Free Grammar (PCFG) Website passwords
should be set more complex.
Universal key for authentication
using an OTP generator that can be calculated by 5 people. To use the
block cipher up to two more times, you must re-encrypt the block cipher.
6
Cloud secure storage mechanism based on data distribution and encryption
2021 To prevent data breach at CSSM storage layer.
CSSM Integrates data distribution and distributed storage to achieve encryption,
encryption and distributed storage Data encryption technology stores data in
ciphertext by encrypting the data with a cryptographic key. However, an attacker
can recover the original data by stealing the key.
7
Hybrid True Random Number Generator Using Ring Oscillator
and Digital Clock Manager
2021 JITTER Ability of the proposed design to generate true random numbers. A true
random number generator with a programmable delay line is said to reduce
correlation. The danger arises because most extensions have the ability to collect
many non-malicious data extensions, which can be dangerous, including test pattern
generators. The proposed architecture increases the correlation between patterns
generated by LT-LFSR, with negligible impact on test length. Websites that provide
passwords and/or store and manage passwords are vulnerable
11 Evaluation of enhanced password authentication using random numbers stored on
the device An attacker can attack, but the information can be recovered. If you
don't save it, you can't save it.
12 Symmetric key generation with randomness
2020 AES setup of
hash function is quick and convenient.
This method is simple and straightforward, so anyone can easily master it. The
only drawback is that the receiver must obtain the private key from the sender.
13 GENPass:
A Multi-Source Deep Learning Model for Password Guessing
An open source tool that uses
when guessing passwords.
14 STRONG PASSWORD GENERATION BASED ON USER INPUT 2019 ERA Generator is randomly
created, which makes it different from other generators. Easy to remember. The main
drawback is that only numbers and alphabets are used. This isn't a strong password
like other generators. The honey word generation strategy used in this work scrubs
by optimization. It's hard to understand because it mixes the two methods.
16 His two-factor authentication protocol using IoV's Physical Unclonable feature
2019 PUF
Another person cannot use the user device to successfully authenticate as the
user. Two-factor authentication takes time.
 Two-factor authentication is not free.
17 A Method for Efficient OPT Generation Using Pseudorandom Generators 2019 One-
Way Hash Used in probabilistic and statistical applications when large amounts of
random numbers are required. The main drawback is that it takes a long time to
generate a large number of comparative random numbers.
18 Improved Key Generation Techniques for Secure Data Access in the Cloud
2019 An obfuscation technique was proposed to protect the
seed value to improve VRP security.
Accessible or understandable only by authorized parties
19 Implementing Password Management Systems
Using Ternary Addressable PUF Generators
2019 SRAM PUF
Used in this document to add an additional layer of security to password
management. increase. The only drawback is the implementation of a password
management system using a ternary addressable PUF generator.
20 Parallelize Brute Force Attack on MD5 Hash Algorithm on FPGA
2019 Avoid Virtex-7 FPGA bus contention.
Each crypto block can own the entire bandwidth of the connection. Major advances
have put crypto systems at a disadvantage as attackers use the high computational
power of these systems to perform brute force attacks.
Chapter 5: Implementation
Chapter 5:
Implementation
Software Used:
To create a Chrome extension, you need a manifest.json file. The manifest.json
file contains all the information you need to create your Chrome extension. This
is the first file to check for extensions and everything is read from that one
file.
5.1 Implementation 5.1.1 Chrome Extensions Chrome extensions are programs that are
installed in the Chrome browser and extend the functionality of the browser. Easily
authored using web technologies such as HTML, CSS, and JavaScript.
Creating a Chrome extension is similar to creating a web application, but
requires a manifest.json file, described in the last section of this article.
5.1.2 Creating a Chrome Extension First, you need to create an empty folder in
which to place your HTML, CSS and JavaScript files.
The main files in the folder are Manifest.json, Jquery-3.5.1.min.js, Script.js,
Popup.HTML, Content.js
. 5.1.3 Steps to add this project as an extension in the Chrome browser. Step 1:
Type -> chrome://extensions
in the Chrome address bar Step 2: Toggle developer mode in the upper right corner
Step 3: In the upper left corner Click Load Unpacked

Figure 5.1 Load Unpacked

The extension created by uploading in the Load unpacked tab.
Step 4: Select the created folder and open this folder
Step 5: The Chrome extension will be added to your browser. Start Developing Now
All basic requirements are met, so let's start developing now.
5
1.4 Flowchart
Figure 5.2 Flowchart
Flowchart showing the process of creating a password
Chapter 6: Design Details
6.1 Language Used HTML:
HTML (Hypertext Markup Language) is used to show the basic structure of the front-
end interface . Add in and save a Cascading Style Sheet (CSS) file. CSS:
(Cascading Style Sheets) is used to design the front end of the program, i.e. the
conference website used as external CSS for styling.
is HTML (Hypertext Markup Language).
-JavaScript:
-JavaScript is a well-known scripting language used to create magic in pages and
make them interactive for users. Used to improve website functionality and run
great games and web software. It can be used in both frontend and backend. jQuery:
jQuery is an open source JavaScript library that simplifies the interaction between
HTML/CSS documents, or more precisely the Document Object Model (DOM), and
JavaScript. It simplifies HTML document browsing and editing, browser event
handling, DOM animations, Ajax interactions, and cross-browser JavaScript
development by handling jQuery concepts. 6.2 Technology manifesto used
json
VS Code
6.3 API File Random Generator 6.4 Instructions Create an account Open the website
Click the login button to sign up for an account
Fill in the basic details. Then click the extension on the Extensions tab.
A pop-up screen will appear and all necessary details will be collected from the
screen.
Email ID section is optional.
Then click Generate Password and a password will be generated for you.
To copy, click Copy to Clipboard.
Click Save Password to save your password.

Chapter 7: Future Scope. With the proliferation of password managers today, the
difficulty of remembering more complex passwords is no longer a problem for most
users.
Passwords are now an integral part of security measures. This has been the case
for many years. However, passwords cause many problems. They are hard to remember
and require too much knowledge. Additionally, it may have been stolen and leaked to
the dark web. Combining these two statements creates more problems.
When I need to know a lot of hard-to-remember passwords (because simple passwords
are easy to crack with brute force), I tend to take shortcuts. You can keep track
of all your credentials by reusing passwords or relying on risky storage methods
Generation of density-based clustering rules for password guessing. Generate
mangling rules with density-based clustering for password guessing.
Many people try to create passwords that are easy to remember, or create passwords
for each account. This act is very dangerous. While it makes things easier for
users, it also makes it easier for computer hackers to guess passwords and access
and compromise data.

Chapter 8: Conclusion
Conclusion
Password Generator is an attractive, exciting and engaging application. Create
strong passwords with our secret password generator. This password generator saves
website passwords. Clear all data as soon as you exit the window. So, with this
password generator, you can create a secret strong password without any hesitation
[2]. Many authentication schemes are available to protect people's data. Most of
the time, users forget their passwords because of these complex patterns. This
project proposes a unique algorithm to generate strong passwords, unlike other
existing random password generators. Our proposed system generates passwords by
prompting users to provide (easy-to-remember) text and numbers as input. Generated
password meets minimum password strength standards
We have experimented that generated passwords can defeat dictionary and brute force
attacks. [3] In this paper, we simulate a game between attackers and defenders to
evaluate possible strategies in the honeyword system. The attacker's guessing
strategy uses top PW attacks and proposes a new PassGAN-based attack. The proposed
defender spawning strategy could lower the attacker's success rate to her 9%.
Chapter 9: References
Reference Y. Yin, J. Jang-Jaccard und N. Baghaei, 「PassImg: A Secure Password
Generation and Management Scheme without Storeing」, 2022 IEEE 25th International
Conference on Computer Supported Cooperative Work in Design (CSCWD), 2022, S. 341-
346,ドイ: 10.1109/CSCWD54268.2022.9776045.
https://ieeexplore.ieee.org/document/9776045S
Li, Z. Wang, R. Zhang, C. Wu and H. Luo, "Generating Mangling Rules with Density-
Based Clustering for Password Guessing," IEEE Transactions on Trusted and Secure
Computing, 2022, doi : 10.1109/TDSC.2022.3217002 .
https://ieeexplore.ieee.org/document/9928405
He X, Cheng H, Xie J, Wang P, and K