We present the first framework for segmentation, semantic classification and generalization of passwords and demonstrate how probabilistic grammars encoding the semantics of password samples can lead to better cracking results than the state-of-the-art method. In sessions of 3 billion guesses, we guess approximately 67% more passwords from the LinkedIn leak and 32% more passwords from the MySpace leak.