ºÚÁϳԹÏ

Applications are invited for a self-funded, 3-year full-time or 6-year part time PhD project.

The PhD will be based in the School of Computing and will be supervised by Dr Aikaterini Kanta, Dr Stavros Shiaeles and Dr Gelayol Golcarenarenji.

Passwords remain a central element in digital investigations. Despite progress in passwordless technologies such as passkeys, most forensic evidence still includes password-related artefacts. These include saved credentials, hash dumps, password reuse patterns, and indicators of obfuscation or tampering. Prior research has focused on password policies and cracking techniques, but the growing role of AI, both in defence and attack, has created new challenges and opportunities.

This project will explore how adversarial AI, especially large language models, can be used to analyse and simulate password-related behaviours. On the offensive side, it will investigate how generative models trained on real and synthetic data can produce intelligent password guesses based on context, user patterns, and policy environments. On the defensive side, it will assess the robustness of password evaluation and generation tools against AI-driven attacks.

The project will focus on digital forensic contexts, using password artefacts as a lens into user behaviour, risk exposure, and potential intent. It will evaluate how AI-enhanced tools can support investigators in identifying weak authentication practices, reconstructing timelines, and correlating user actions with credential data. The use of adversarial models will help stress-test current assumptions about password strength and complexity requirements.

While passkeys and other cryptographic alternatives are being adopted, they often coexist with passwords in fallback mechanisms and legacy systems. This project will consider these hybrid environments and assess how attackers may still exploit passwords. It will also explore how forensic access to these authentication remnants can remain a valuable source of intelligence.

The final output will include AI-powered tools and analytical methods that can be integrated into forensic workflows, enhancing both technical capability and investigative depth.

Fees and funding

Visit the research subject area page for fees and funding information for this project.

Funding availability: Self-funded PhD students only. 

PhD full-time and part-time courses are eligible for the UK  (UK and EU students only).

Bench fees

Some PhD projects may include additional fees – known as bench fees – for equipment and other consumables, and these will be added to your standard tuition fee. Speak to the supervisory team during your interview about any additional fees you may have to pay. Please note, bench fees are not eligible for discounts and are non-refundable.

How to apply

We’d encourage you to contact Dr Aikaterini Kanta (katerina.kanta@port.ac.uk) to discuss your interest before you apply, quoting the project code.

When you are ready to apply, please follow the 'Apply now' link on the Computing PhD subject area page and select the link for the relevant intake. Make sure you submit a personal statement, proof of your degrees and grades, details of two referees, proof of your English language proficiency and an up-to-date CV. Our ‘How to Apply’ page offers further guidance on the PhD application process. 

When applying please quote project code: CMP10141026