-
-
Initial page
-
Generated image
Inspiration
When I looked in schools, doctor's offices, and homes, I often see passwords unprotected on sticky notes or piles of paper. I've often spoken to people who are skeptical of password managers or simply can't memorize passwords well. They usually resort to creating insecure and commonly used passwords - one of the most dangerous cybersecurity issues a person can have.
A commonly referred-to comic in cybersecurity is XKCD 936, which explains that long dictionary passphrases are just as secure as complex random passwords. However, these passwords can still be difficult to remember - think of how you're going to memorize "correctbatterycarmansionmountain."
What it does
Pipasso is an AI-powered tool that easily creates memory aids for generating passwords. It uses advanced generative AI to generate passwords of various lengths and types, chosen by the user, in addition to making pictures that represent those passwords. The pictures are not deterministic - an attacker wouldn't be able to figure out the password just with the picture, and vice-versa - due to the non-deterministic nature of generative AI.
Additionally, Pipasso includes a password manager that also allows users to manage the corresponding memory aid images. This manager uses secure zero-trust end-to-end encryption, so no user data is secured on the server in plaintext.
How we built it
Pipasso is structured as a single-page web application, written using Java Enterprise Edition, which allows for scalability and reliability. OpenAI's GPT-3.5 and DALL-E-3 are used for the generation of passwords and pictures. The Bayun SDK is used for end-to-end zero-trust encryption of the user secrets.
Challenges we ran into
It was difficult to incorporate numbers into the generated passwords. Language models cannot do math or count very well, and it definitely shows in the images generated. Therefore, we used a cryptographically secure random number generator to send DALL-E-3 the quantities of objects (i.e. 5 cars) but since it is sometimes inaccurate in actually drawing that quantity, we ask the user to count how many of the objects are in the picture, which becomes a part of the password.
Accomplishments that we're proud of
I'm proud of this entire work, especially the prompt engineering. That takes a long time to get right, since AI always either takes everything too literally or not literal enough. As a backend-oriented developer, the website styling was a challenge for me, but it was a great learning experience!
What we learned
I learned the programmatic power of generative AI and how we can incorporate it into all the functions of today's software. Additionally, I found that the randomness of generative AI - normally criticized as causing inaccuracy of facts - can be used for purposes beyond intended.
What's next for Pipasso
I plan to continue this project! I plan to add more options for passwords, such as adding a way to memorize PIN numbers, and possibly other types of data, such as phone numbers and credit card information.
Log in or sign up for Devpost to join the conversation.