Identifying Vulnerabilities: How User Password Choices

Contribute to Data Breaches

Thinh Tran
Applied Data Science

28th September 2024

1 Introduction
In this digital age, data breaches related to authentication credentials are common but devastating. Millions
of username and password credentials have been compromised in these incidents, causing severe reper-
cussions for individuals and organizations. Despite the obvious flaws in passwords as a security measure,
they still boast the most widely used authentication form over digital platforms, making them primary targets
for cyber attackers.
An odd trend continues: with the advanced security measures today’s people enjoy, such as password man-
agement software, multi-factor authentication (MFA), and password strength indicators, weak and guess-
able passwords are still common among users. These passwords provide easy prey to brute-force attacks
and dictionary-based cracking methods. Research shows that many people’s passwords follow predictable
patterns, are based on personal information, or draw in figures from mainstream culture that everyone is
familiar with. All of these factors make it easier for attackers to get at them. Users’ repeated patterns of
behavior ensure that the consequences of data breaches are ever-increasing.
The core objective of this project is to learn why users constantly go for weak passwords and to analyze the
trends behind their password choices. Using the AuthInfo-Dataset, which gives anonymized user names
and password pairs culled from various breaches, the thesis will attempt to identify these common behaviors
that affect people’s selection of passwords. This research will focus on recognizing repeated patterns,
external influences (like popular culture or famous venues), and user habits that lead to weakened password
security. Through gaining these insights, the thesis aims to make some recommendations that could be of
genuine service in future efforts to make computer passwords more secure and, at the same time, raise
awareness about the importance of creating more robust and less predictable password systems.

2 Background and Related Work

For a long time, passwords have been the most widely used form of authentication in the digital space.
This is mainly because they are simple and easy to use. Although more complex security technologies
such as biometric verification, two-step verification (MFA), or other advanced security methods have been
developed over time, password-based systems still have a strong position in the market. Passwords thus
remain a central weak point for security because, as such, they are vulnerable to attacks. These common
risks include data breaches, people or bots trying to ‘phish’ someone’s password out of them, and brute
force attacks. Most of these weaknesses stem from the lousy management of passwords or predictable
behavior among users, making the job easier for attackers who want to use our system and get our most
valuable information (Güven et al., 2022).
The continued prevalence of vulnerable password practices in cyber security is a significant worry. Users
often have easily guessable passwords or use the same password for many accounts, and attackers who
have already obtained compromised credentials from previous breaches can pose a pernicious threat to
their other accounts. With the digital threat landscape in a constant state of flux, the methods used to
enhance password security must evolve similarly. Research increasingly uses machine learning (ML), data
visualization, and statistical analysis to penetrate the more profound vulnerabilities of passwords and better
inform future password policy settings. These research studies focus on understanding how users select

1
Project Proposal - BRP24/25

their passwords, how breach data can be used to make more accurate policies, and how real-time feedback
can better direct users in password creation procedures (Bhagavatula et al., 2020).
One crucial development is the increased availability of personal data on social media platforms and other
public places online, which gives attackers more chances to guess passwords based on private information
about us (Atzori et al., 2024). In this environment, researchers and cyber security professionals have both
challenges and unique opportunities in their efforts to raise the overall security level of password-based
systems.

Password Selection and User Behavior

A primary focus of password security research has been understanding how and why users pick their
passwords–and the dangers that protecting those passwords carries. Studies have repeatedly shown that
users often have predictable password habits. Good example: Many use poor passwords that are easy to
remember yet easy for hackers to guess. These typical habits include the use of common words, simple nu-
meric sequences, or personal information (e.g., birthdays or names of family members) to bypass system
security measures (Yu and Liao, 2016). Reusing passwords across different accounts is another wide-
spread behavior that significantly increases the possibility of successful cyberattacks. When a break-in oc-
curs, attackers can use the stolen credentials to get into other accounts belonging to the same user.
Güven et al., 2022 conducted a large-scale analysis of over ten million password-user pairs from breached
datasets. They found that users tend to create passwords following specific recurrent patterns, which makes
them more vulnerable. These patterns often include repetitive sequences or familiar structures like names
combined with numbers. Such predictable behavior makes it easier for attackers to carry out brute force or
dictionary attacks, where they systematically guess passwords, trying known patterns or leaked password
lists.
Bhagavatula et al., 2020 examined user behavior following data breaches and found that despite the in-
creased risk, only a surprisingly low percentage of users changed their password after a breach. Even
when users did change their passwords, many moved to weaker or minimally different versions of exist-
ing passwords, leaving themselves vulnerable to further breach attempts. This points to the limitations of
post-hack notifications and user action initiatives. They cannot significantly affect password security beha-
viors.
Further complicating things is the lack of two-factor authentication (2FA), a critical security measure that can
add another layer of password protection. Dastane et al., 2020 found that users subject themselves to far
more risk by using only passwords without the added protection of 2FA. The risk is further compounded by
their reuse of passwords and reliance on simple password structures, as attackers can apply the breached
data to compromise many accounts at once using the same or similar password.

Data Visualization in Password Security

Visualizing how passwords are generated can make the login process more intuitive. Writing down charac-
ters, taking random words from novels, or playing with numbers are different ways to generate a password.
Despite this, certain conventions and methods for generating your own password exist, and these can be
easily demonstrated through visual aids. As an example of the use of visualization tools within this field, Yu
and Liao, 2016 created a tool that detects repeated password patterns. It is easy to make a system that, for
example, elongates simple strings into what looks like complex passwords. However, their research showed
that while such passwords may appear firm, they have predictable patterns attackers can exploit.
Data visualization is also an effective teaching tool. Zhang-Kennedy et al., 2013 inspected the realization
of password security data through visualization for non-professional or non-technical end users. Traditional
text-oriented security advice for people not to use common passwords or to mix letters and numbers fails to
engage users or change their behavior. However, Zhang-Kennedy found that interactive visual forms such
as infographics and comics were more successful, and engaging efforts are caught in these new attention-
grabbing media. At the same time, measurable gains on this front may be expected over the next few years.
The visual formats helped users understand that compromised or weak passwords pose a real danger and
thus led them to select their alphanumeric sequences more responsibly.
An effective way of visualizing data is to analyze password strength in real-time, allowing users to receive
immediate feedback. Farooq, 2020 developed a tool that uses machine learning algorithms to evaluate
the strength of user-generated passwords in real-time. Giving immediate feedback as they create their

UC3BPR 2024 2
Project Proposal - BRP24/25

passwords helps users fully understand the weakness of their password choices and encourages them to
create stronger, more secure passwords. Through Farooq’s research, this paper also shows that combining
machine learning with visualization can considerably change user behavior in real time to upgrade password
security.

Güven et al., 2022 have pointed out the role that machine learning has played in identifying regular patterns
used when selecting passwords. After analyzing a complete dataset with over ten million userID-password
pairs from breached databases, researchers demonstrated that their machine learning models could predict
which passwords were weak based on what other passwords certain users had chosen. This shows the
potential of machine learning to change the paradigm of password management systems, enhancing their
efficiency through recognition and avoidance of vulnerabilities before an attack occurs.
Machine learning has also been used to enhance the security of password entry systems. For instance, Lee
and Yim, 2020 examined how machine learning models protected against keylogging attacks. Keyloggers
are malicious software programs that steal passwords by intercepting and recording users entering them.
Researchers could significantly increase the security of password entry mechanisms by teaching machine
learning models to differentiate between genuine user inputs and the keystroke records accumulated by
keyloggers. This reflects the potential of machine learning in defending against more sophisticated forms
of cyber attacks precisely aimed at password systems.
Another primary use of machine learning in password safety is recognizing weak practices among de-
velopers. Lykousas and Patsakis, 2024 studied the password practices of developers by comparing Git-
Hub repository passwords with those in the Rockyou2021 leaked password dataset. Developers generally
showed higher password strength than the average user, but there was still a significant security gap among
system complexities where control was not executed. It is necessary to set up machine learning-driven
monitoring systems to immediately spot and flag insecure password practices (Lykousas and Patsakis,
2024).

Enhancing Password Policies through Behavioral Change

Motivating users to improve their password security habits is a challenging problem. Traditional password
policies, which insist on complexity by requiring users to have a mix of letters, numbers, and special char-
acters, are resisted by most people; they think it is inconvenient even though they may understand the
need for such a policy (Shay et al., 2010). Consequently, even when users are aware of the security risks
associated with simple, memorable passwords, they continue to generate more frequently than any other
form they do not even remember.
According to Güven et al., 2022, a new approach promises to change this stalemate: tailoring password
policies based on statistical analysis and machine learning models of breached password data. Their
research suggests that if one can understand user behavior by studying Big Data, policy-making for pass-
words might follow different general principles than one would expect if operating in a void. For example,
regulations on common password patterns/attempts to avoid copying repetition and obvious logic (such
as children’s names revealing coinciding data on emails) can alleviate some of the risks of weak pass-
words.
Farooq, 2020 attaches considerable importance to real-time feedback in promoting behavioral change. By
incorporating machine learning-powered password strength meters into web application interfaces, users
can receive immediate visual information regarding their password’s strength as they compose it. This
prompts users to craft and follow different character combinations until they hit upon a password that meets
the system criteria for strength. Pictorial indications combined with real-time feedback can bring about
significant shifts in user behavior and result in more secure password practices over time.
Research by Atzori et al., 2024 looked at how the widespread availability of personal information on social
networks affects password security. Their research discovered that users often base their passwords on
easily accessible personal data, such as the names of family members and pets or dates of birth. This
makes it relatively easy for an attacker to rummage through popular social media profiles to discover our
password. The study used generative models and data reconstruction techniques to evaluate the semantic
strength of passwords, finding that ones derived from personal data generally have lower strength. This
research underscores the need for password policies to be cognizant of syntactic (e.g., length and character
complexity) and semantic vulnerabilities.

UC3BPR 2024 3
Project Proposal - BRP24/25

Addressing Credential Theft and Password Reuse

When it comes to password recycling, data protection researchers should be concerned. A longitudinal
study of the theft of credentials conducted by Thomas et al., 2017 used data breaches, phishing activities,
and keyloggers. It found that phishing attacks and data breaches cause millions of names and passwords to
be revealed yearly—one reason why password reuse is so prevalent. The authors wrote that, for example,
400 times more likely phishing victims are to suffer having their account hijacked than someone who has
his password stolen in a data breach. This illustrates the importance of making unique passwords for each
account we use and is not currently practiced on a large enough scale by many people.
Dastane et al., 2020 also pointed out the danger of reusing passwords. In their study, users were found
to prominently rehash passwords over many application platforms, resulting in vulnerability to attack. The
researchers stressed the importance of two-factor authentication (2FA), at the very least, a secondary level
to protect the risks brought by recycled passwords. By adding a second layer of defense to password
reuse, although there are now public-ready technologies available for 2FA, acceptance by users remains
low, especially where cybersecurity awareness is inadequate. This is where a concerted effort needs to be
made to inform users of the importance of combining 2FA with good password practices to safeguard their
digital identities.

Conclusion
In conclusion, as revealed through the evolution of research into security passwords, whether user behavior
is good or bad is critical in determining the effectiveness of password-based security systems. Even though
mechanisms have been established for password policies, machine learning, and data visualization, some
traditions, such as using birthdays as passwords, still remain. People’s habits are what place them in
danger. Although users have proven intelligent, they exhibit behaviors that render their security unharmed.
To deal with these challenges, it is critically important to take a multi-faceted approach that incorporates
extensive data analysis, machine learning, and a collection of those slivers of behavior comprised of the
human psyche.
Using machine learning models, real-time feedback, and visualization tools represents an auspicious dir-
ection for improving people’s password habits. As research by Güven et al., 2022 and others like Dastane
et al., 2020 has demonstrated, these technologies offer immediate, actionable insights that enable users
to produce stronger and more secure passwords. Additionally, by tackling the dangers of loss of creden-
tials and password reuse through instruction and the adoption of 2FA, password security may be further
enhanced in an increasingly digital world.
In the end, a comprehensive strategy is required to cope with the risks posed by lax password-choosing
practices. As cyber perils become ever more varied and refined, so too should measures for improving
password security be modified. To this end, users must acquire the means and know-how needed to
protect their digital identities.

3 Problem Statement
Passwords are critical in protecting sensitive information, but users continue to create insufficiently strong or
predictable passwords despite ongoing security threats and constant unheeded publicity. People often go
for vulnerable practices like simple patterns, easily guessed familiar personal details or simple components.
This is one contributory factor to making a poor-quality password. Breached data sets also reveal how
attackers utilize these weak passwords in their successful parlay, while current password policies typically
do not address the underlying problem. The reuse of compromised passwords across millions of users time
and again presents significant risks to individual security and organizational infrastructure.
However, the problem continues. The security provisions we have today address this weakness in pass-
word creation. This project uses the AuthInfo dataset to visualize and analyze these patterns thoroughly,
highlighting the dangers customers face when choosing passwords.
Problem Statement: Users continue to select weak and easily guessable passwords, exposing themselves
and organizations to significant security risks. Current password policies are insufficient to address this
issue, and understanding these behaviors through data analysis is crucial to developing more effective
security practices.

UC3BPR 2024 4
Project Proposal - BRP24/25

3.1 Scope and Limits

The goal is to seek patterns in how users pick their passwords.AuthInfo-Dataset was used to explore users’
behavior in choosing passwords. This project focuses on finding trends and relieving weaknesses related
to bad password behavior. In addition, we will suggest improvements to current password policies. The
scope of this project includes:
• Looking for predictable patterns in anonymized data.
• Using brute-force attack simulations to test password strength.
• Developing models for analyzing user behavior.
The project will not involve:
• The development of new encryption algorithms or password management tools.
• Assessing biometric or non-text-based authentication systems such as fingerprint or face recognition.
Although it will review password policies, experimenting across many platforms is not feasible in large-scale
terms. This study will be concerned with textual passwords and use data from the dataset to discover
current password behaviors or suggest improvements within this context.

4 Research Objectives
The primary objective of this research is to analyze patterns in user password behaviors using the AuthInfo-
Dataset and to develop actionable recommendations for improving password security policies.
In order to achieve this primary objective, the following sub-objectives have been identified:
• Identify common patterns in password creation by analyzing the dataset, focusing on recurring
password characteristics such as length, complexity, and use of predictable elements.
• Evaluate password strength through brute force simulations and statistical analysis, determining
how easily certain passwords can be compromised.
• Examine the impact of user behavior on password security, particularly how habits like password
reuse or predictable modifications affect overall vulnerability.
• Investigate the influence of external factors (e.g., popular culture, personal information) on user
password choices and how these factors contribute to security risks.
• Develop recommendations for improved password policies that balance security with user con-
venience, based on insights gained from the analysis.
• Propose educational strategies to raise awareness about secure password practices and the im-
portance of using strong, unique passwords.

5 Research Methodology
This research will use AuthInfo-Dataset to analyze user password behaviors. It will be a data-driven ap-
proach, and the main purpose is to understand better patterns in people’s password selection, common
points of vulnerability, and the entropic nature of these choices. This methodology is selected because it
meets research objectives, such as identifying prevailing password patterns, judging how strong passwords
are, and, of course, offering practical recommendations based on real at-rest data.
Data Analysis and Visualization: The research will use statistical methods to thoroughly explore the
dataset and find patterns in password characteristics. This will include visualizing distributions of these
characteristics and identifying which clusters may be outlying points. Python’s Pandas, Matplotlib, and
Seaborn are three tools we will use to achieve this goal. The goal is to turn raw data into insight, which can
be used in further analysis.
Interactive Dashboard Development: To best communicate our findings, an interactive dashboard will be
created. This dashboard will allow users to manipulate their presentations on various password behaviors,
such as filtering by password length, complexity, or frequency. The dashboard will use Tableau and similar
tools to provide visual summaries and let stakeholders understand patterns in the data without requiring

UC3BPR 2024 5
Project Proposal - BRP24/25

any IT knowledge. This approach is suitable for presenting complex data to others as an activity rather than
a conversation and helps them do something about what they have learned.
Machine Learning Models for Pattern Detection: Machine learning models such as clustering and clas-
sification algorithms will be used to discover underlying patterns in the way passwords are chosen. Models
like K-means clustering can put passwords into different clusters based on their characteristics. In contrast,
classification models can predict whether a password is weak or strong independent of these features.
These models will yield a fuller understanding of user activities and lead to advice on creating better pass-
word policies for the future.
Justification and Relevance: A data-driven approach is legitimized by the need to understand password
behaviors on a large scale, which cannot be done through qualitative methods alone. An interactive dash-
board helps make the findings more accessible, letting security practitioners and policy-makers understand
what they are getting and implement changes with less effort. This methodology is in line with the develop-
ment of similar patterns in data (Yang et al., 2016), which shows a combination of statistical analysis and
machine learning techniques to understand and visualize people’s passwords.

6 Primary Data Set

This study utilizes data from the AuthInfo-Dataset, a pre-existing set of usernames (hashed) and passwords
pairs in anonymized form. The dataset is sampled from various information leaks from similarly available
public areas. This file provides long-term records of user password habits, a reasonable frame of reference
for studies on password selection habits, and the security environment of password paradise, and it is the
about-to-be-released treasure trove for this paper as well. It includes meta-data such as size or character
set used in creating these passwords, which are vital for such studies and provide functional analysis
features.
After anonymizing the data in the dataset, the privacy of users and the integrity of its password pairs for
analysis are ensured. In this way, the study can systematically grasp trends in password construction
and common weaknesses without violating ethical rules. The AuthInfo-Dataset employs brute-force attack
simulations, tests password strength, and looks for predictable patterns through statistical analysis, all
based on utilizing field-tested methods.
Working with this dataset involves several steps, including:
• Data cleaning and preprocessing: Removing any irrelevant or incomplete data while maintaining a
focus on the key attributes needed for the analysis.
• Statistical and machine learning analysis: Identifying patterns in password selection and modeling
the likelihood of successful attacks based on common traits observed in the dataset.
• Simulation of brute-force attacks: Testing the resilience of passwords using various attack strategies
to determine the strength of password choices.
No information will be collected directly from data, and datasets will be anonymous; the author believes this
work does not infringe upon ethics. The main threat from data in this database is that it could be misused
if access controls are not well regulated. However, there should be no possibility of that, and indeed, our
data must be handled responsibly during all stages.

7 Artefact and Evaluation

The result of this research will be that the priority will be to design and produce an immediate-figure inter-
active with data visual dashboard developed from squatting brag house. The dashboard will give a more
precise visual representation of user password behavior, drawing attention to specific vital patterns and
trends that may be observed through AuthInfo-Dataset analysis. Not only will this dashboard be a method
for exploring and presenting the findings relevant to password strength, vulnerabilities, and user behavior,
but it will also make data more accessible and understandable by all levels of the audience – technical or
not.
In addition to the dashboard, machine learning models will be implemented to provide support for analysis.
These models will predict the probability of password compromises based on specific user behaviors and
patterns found within the data.

UC3BPR 2024 6
Project Proposal - BRP24/25

Artefact Features
• Interactive visualizations: Graphs, charts, and heat maps displaying password characteristics, such
as complexity, length, and common patterns across user groups.
• Brute force simulation results: Visual representations of how long certain password types would
take to crack under different attack strategies.
• Predictive models: Machine learning-based insights into the likelihood of password compromise
based on observed patterns.

Evaluation Plan
The artefact will be evaluated through the following methods:
• Usability Testing: End-users (researchers, cybersecurity professionals, and non-experts) will interact
with the Tableau dashboard to assess its ease of use, clarity, and effectiveness in communicating
password behavior insights.
• Performance Testing: The machine learning models will be tested for accuracy and performance in
predicting password vulnerability. Key metrics such as precision, recall, and F1-score will be used to
evaluate the effectiveness of these models.
• Expert Feedback: Feedback will be gathered from cybersecurity experts to evaluate the artefact’s
relevance and applicability to real-world password security challenges.
This approach ensures that the dashboard and machine learning models not only provide valuable insights
but also meet the usability and functional needs of the target audience.

References
Atzori, M., Calò, E., Caruccio, L., Cirillo, S., Polese, G., & Solimando, G. (2024). Evaluating password
strength based on information spread on social networks: A combined approach relying on data
reconstruction and generative models. Online Social Networks and Media, 42, 100278. https://doi.
org/https://doi.org/10.1016/j.osnem.2024.100278
Bhagavatula, S., Bauer, L., & Kapadia, A. (2020). (how) do people change their passwords after a breach?
https://arxiv.org/abs/2010.09853
Dastane, O., Bakon, K., & Johari, Z. (2020). The effect of bad password habits on personal data breach.
International Journal of Emerging Trends in Engineering Research, 8, 6950–6960. https://doi.org/
10.30534/ijeter/2020/538102020
Farooq, U. (2020). Real time password strength analysis on a web application using multiple machine
learning approaches. International Journal of Engineering Research & Technology (IJERT), 9(12).
Güven, E. Y., Boyaci, A., & Aydin, M. A. (2022). A novel password policy focusing on altering user password
selection habits: A statistical analysis on breached data. Comput. Secur., 113(100). https://doi.org/
10.1016/j.cose.2021.102560
Lee, K., & Yim, K. (2020). Cybersecurity threats based on machine learning-based offensive technique for
password authentication. Applied Sciences, 10(4). https://doi.org/10.3390/app10041286
Lykousas, N., & Patsakis, C. (2024). Decoding developer password patterns: A comparative analysis of
password extraction and selection practices. Computers Security, 145, 103974. https://doi.org/
https://doi.org/10.1016/j.cose.2024.103974
Shay, R., Komanduri, S., Kelley, P. G., Leon, P. G., Mazurek, M. L., Bauer, L., Christin, N., & Cranor, L. F.
(2010). Encountering stronger password requirements: User attitudes and behaviors. Proceedings
of the Sixth Symposium on Usable Privacy and Security. https://doi.org/10.1145/1837110.1837113
Thomas, K., Li, F., Zand, A., Barrett, J., Ranieri, J., Invernizzi, L., Markov, Y., Comanescu, O., Eranti, V., Mos-
cicki, A., Margolis, D., Paxson, V., & Bursztein, E. (2017). Data breaches, phishing, or malware? un-
derstanding the risks of stolen credentials. Proceedings of the 2017 ACM SIGSAC Conference on
Computer and Communications Security, 1421–1434. https://doi.org/10.1145/3133956.3134067
Yang, W., Li, N., Molloy, I. M., Park, Y., & Chari, S. N. (2016). Comparing password ranking algorithms on
real-world password datasets. In I. Askoxylakis, S. Ioannidis, S. Katsikas & C. Meadows (Eds.),
Computer security – esorics 2016 (pp. 69–90). Springer International Publishing.
Yu, X., & Liao, Q. (2016). User password repetitive patterns analysis and visualization. Information and
Computer Security, 24, 93–115. https://doi.org/10.1108/ICS-06-2015-0026

UC3BPR 2024 7
Project Proposal - BRP24/25

Zhang-Kennedy, L., Chiasson, S., & Biddle, R. (2013). Password advice shouldn’t be boring: Visualizing
password guessing attacks. 2013 APWG eCrime Researchers Summit, 1–11. https://doi.org/10.
1109/eCRS.2013.6805770

UC3BPR 2024 8
Project Proposal - BRP24/25

Word count metrics

NUC Bachelor Project Proposal Word Count:

Total Sum count: 3953 Words in text: 1254 Words in headers: 2699 Words outside
text (captions, etc.): 0 Number of headers: 17 Number of floats/tables/figures: 0
Number of math inlines: 0 Number of math displayed: 0
(errors:4) NOTE: References and Declaration page are excluded from the counts above.

Mandatory Declaration
Declarations
The individual student is responsible for familiarising themselves with the rules and regulations regarding
the use of sources, generated text and academic misconduct. Failure to declare does not release the
student from their responsibility, and will result in an automatic failure of the submission.

1. I hereby declare that the submission answer is my own work, and that I have not Yes
used other sources other than as is referenced and cited correctly, or received help
other than what is specifically acknowledged.
2. I further declare that this submission: Yes
• Has not been used for another exam in another course at Noroff University
College, at another department/university/college at home or abroad.
• Does not refer to or make use of the work of others without acknowledgement.
• Does not refer to my own previous work unless stated.
• Has all the references given in the bibliography.
• Is not a copy, duplicate or copy of someone else’s work or answer.
• Is not generated using AI generation tools.

3. I am aware that a breach of any of the above is to be regarded as cheating and may Yes
result in cancellation of the exam and exclusion from universities and colleges in Nor-
way, cf. University and College Act §§4-7 and 4-8 and Regulations on examinations
§§ 31.
4. I am aware that all components of this assignments may be checked for plagiarism Yes
and other forms of academic misconduct.
5. I hereby acknowledge that I have been taught the appropriate ways to use the work Yes
of other researchers. I undertake to paraphrase, cite, and reference according to
the acceptable academic practices, in accordance with the rules and guidelines, as
taught.
6. I am aware that Noroff University College will process all cases where cheating is Yes
suspected in accordance with the college’s guidelines.

Name: Thinh Tran

Place: Kristiansand
Date: 28th September 2024

UC3BPR 2024 9