Skip to main content
  1. Home
  2. Computing
  3. News

AI can probably crack your password in seconds

By

We can now add easily cracking passwords in a matter of seconds to the list of things that AI can do.

Cybersecurity firm Home Security Heroes recently published a study uncovering how AI tools analyze passwords and then use that data to crack the most common passwords used on the web.

Recommended Videos

Using the PassGAN tool, the firm was able to figure out common four- to seven-character passwords in seconds. It also didn’t matter if there was variation in uppercase and lowercase letters or if numbers were included. The shorter and more simple passwords were easier for the tool to crack.

Related

PassGAN uses the latest Generative Adversarial Network (GAN) machine learning model that has been fed over 15 million common passwords. These passwords have been derived from the RockYou data set, which has collected information from popular breaches of companies such as MySpace and Facebook. The RockYou data set has become a commonplace source for machine learning password-cracking models, according to Tom’s Hardware.

PassGAN was able to crack passwords with up to six characters instantly until symbols were included — for those, it took at least four seconds. The tool was able to crack passwords with up to seven characters instantly until they included uppercase and lowercase letters; then it took at least 22 seconds.

Overall, the study determined that passwords longer than 12 characters with a combination of uppercase and lowercase letters, numbers, and symbols were the most challenging to crack. For example, a 15-character password with such a mix would take 14 billion years for AI to crack, according to PassGAN.

However, in common practice, most users are still very much at risk for a password breach. Home Security Heroes notes that for most of the common passwords, at least 51% of those tested were cracked in less than a minute. Many that are more challenging can still be figured out with time; 65% of common passwords can be cracked in less than an hour, 71% in less than a day, and 81% in less than a month.

Tom’s Hardware noted via Statista that six out of 10 Americans have a password between eight to 11 characters. While an 11-character password with uppercase and lowercase letters, numbers, and symbols can put you in the safe zone of 356 years to crack, many users might still be at risk with shorter, less unique passwords.

Users should keep in mind common password safety practices such as not keeping the same passwords for multiple accounts, changing passwords regularly, and using trusted password managers.

Editors’ Recommendations

Topics
Fionna Agomuoh
Fionna Agomuoh
Computing Writer
Fionna Agomuoh is a technology journalist with over a decade of experience writing about various consumer electronics topics…
MiniGPT-4: A free image-to-text AI tool you can try out today
what is minigpt 4 screenshot 2023 04 26 at 06 55 pm

ChatGPT is great, but right now, it's limited to just text -- text in, text out. GPT-4 was supposed to expand on this by adding image processing to allow it to generate text based on images.

MiniGPT-4: Enhancing Vision-Language Understanding with Advanced Large Language Models

Read more
Newegg’s AI PC Builder is a dumpster fire that I can’t look away from
Newegg's AI PC builder

Newegg is the latest to capitalize on the hype of ChatGPT by integrating the GPT model into its PC Builder tool. It sounds great -- give it a prompt tailored for your purpose and get a PC build, all with quick links to buy what you need. There's just one problem -- it's terrible.

No, the Newegg AI PC Builder isn't just giving out a few odd recommendations. It's still in beta, and that's to be expected. The problem is that the AI seems to actively ignore the prompt you give it, suggests outlandish and unbalanced PCs, and has a clear bias toward charging you more when you asked to spend less.
A grab bag of nonsense

Read more
This Mac malware can steal your credit card data in seconds
Apple's Craig Federighi speaking about macOS security at WWDC 2022.

Despite their reputation for security, Macs can still get viruses, and that’s just been proven by a malicious new Mac malware that can steal your credit card info and send it back to the attacker, ready to be exploited. It’s a reminder to be careful when opening apps from unknown sources.

The malware, dubbed MacStealer, was discovered by Uptycs, a threat research firm. It hoovers up a wide array of your personal data, including the iCloud Keychain password database, credit card data, cryptocurrency wallet credentials, browser cookies, documents, and more. That means there’s a lot that could be at risk if it gains a foothold on your Mac.

Read more