The reviewed record of science sign in
Pith

arxiv: 2504.00031 · v1 · pith:CJLUJI3J · submitted 2025-03-29 · cs.CR · cs.AI· cs.CL

Leaking LoRa: An Evaluation of Password Leaks and Knowledge Storage in Large Language Models

Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:CJLUJI3Jrecord.jsonopen to challenge →

classification cs.CR cs.AIcs.CL
keywords passwordspassworddatafine-tuninginformationlanguagelargemodel
0
0 comments X
read the original abstract

To effectively deploy Large Language Models (LLMs) in application-specific settings, fine-tuning techniques are applied to enhance performance on specialized tasks. This process often involves fine-tuning on user data data, which may contain sensitive information. Although not recommended, it is not uncommon for users to send passwords in messages, and fine-tuning models on this could result in passwords being leaked. In this study, a Large Language Model is fine-tuned with customer support data and passwords from the RockYou password wordlist using Low-Rank Adaptation (LoRA). Out of the first 200 passwords from the list, 37 were successfully recovered. Further, causal tracing is used to identify that password information is largely located in a few layers. Lastly, Rank One Model Editing (ROME) is used to remove the password information from the model, resulting in the number of passwords recovered going from 37 to 0.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.