How an AI tool could crack your passwords in seconds

View Summary

Raw Text

X

Trending

What is ChatGPT and why does it matter? Here's what you need to know

Apple sets June date for its biggest conference of 2023, with headset launch expected

What is Lemon8 and why is everyone talking about it on TikTok?

The best AI art generators: DALL-E 2 and other fun alternatives to try

ZDNET Recommends

Testing RFID blocking cards: Do they work? Do you need one?

This almost-great Raspberry Pi alternative is missing one key feature

This $75 dock turns your Mac Mini into a Mac Studio (sort of)

Samsung's Galaxy S23 Plus is the Goldilocks of Smartphones

Mobile World Congress 2023

Best massage chairs

Best iRobot vacuums

Best headphones for sleeping

Best smart treadmills

Tech

Gaming

Headphones

Laptops

Mobile Accessories

Networking

PCs

Printers

Smartphones

Smart Watches

Speakers

Streaming Devices

Streaming Services

Tablets

TVs

Wearables

Kitchen & Household

Office Furniture

Office Hardware & Appliances

Smart Home

Smart Lighting

Yard & Outdoors

Innovation

Artificial Intelligence

AR + VR

Cloud

Digital Transformation

Energy

Robotics

Sustainability

Transportation

Work Life

Accelerate your tech game Paid Content

How the New Space Race Will Drive Innovation

How the metaverse will change the future of work and society

Managing the Multicloud

The Future of the Internet

The New Rules of Work

The Tech Trends to Watch in 2023

Business

See all Business

Amazon

Apple

Developer

E-Commerce

Edge Computing

Enterprise Software

Executive

Google

Microsoft

Professional Development

Social Media

SMB

Windows

Digital transformation: Trends and insights for success

Software development: Emerging trends and changing roles

Security

See all Security

Cyber Threats

Password Manager

Ransomware

VPN

Cybersecurity: Let's get tactical

Securing the Cloud

Advice

Deals

How-to

Product Comparisons

Product Spotlights

Reviews

Buying Guides

See all Buying Guides

Best all-in-one computers

Best budget TVs

Best gaming CPUs

Best gaming laptops

Best gaming PCs

Best headphones

Best iPads

Best iPhones

Best laptops

Best large tablets

Best OLED TVs

Best robot vacuum mops

Best rugged tablets

Best Samsung phones

Best smart rings

Best smartphones

Best smartwatches

Best speakers

Best tablets

Best travel VPNs

Best TVs

Best VPNs

tomorrow belongs to those who embrace it today

Asia

Australia

Europe

India

United Kingdom

United States

ZDNET France

ZDNET Germany

ZDNET Korea

ZDNET Japan

Go

Most Popular

See all Topics

Finance

Education

Health

Special Features

ZDNET In Depth

ZDNET Recommends

Newsletters

Videos

Editorial Guidelines

Trending

What is ChatGPT and why does it matter? Here's what you need to know

Apple sets June date for its biggest conference of 2023, with headset launch expected

What is Lemon8 and why is everyone talking about it on TikTok?

The best AI art generators: DALL-E 2 and other fun alternatives to try

ZDNET Recommends

Testing RFID blocking cards: Do they work? Do you need one?

This almost-great Raspberry Pi alternative is missing one key feature

This $75 dock turns your Mac Mini into a Mac Studio (sort of)

Samsung's Galaxy S23 Plus is the Goldilocks of Smartphones

Mobile World Congress 2023

Best massage chairs

Best iRobot vacuums

Best headphones for sleeping

Best smart treadmills

Tech

Gaming

Headphones

Laptops

Mobile Accessories

Networking

PCs

Printers

Smartphones

Smart Watches

Speakers

Streaming Devices

Streaming Services

Tablets

TVs

Wearables

Kitchen & Household

Office Furniture

Office Hardware & Appliances

Smart Home

Smart Lighting

Yard & Outdoors

Innovation

Artificial Intelligence

AR + VR

Cloud

Digital Transformation

Energy

Robotics

Sustainability

Transportation

Work Life

Accelerate your tech game Paid Content

How the New Space Race Will Drive Innovation

How the metaverse will change the future of work and society

Managing the Multicloud

The Future of the Internet

The New Rules of Work

The Tech Trends to Watch in 2023

Business

See all Business

Amazon

Apple

Developer

E-Commerce

Edge Computing

Enterprise Software

Executive

Google

Microsoft

Professional Development

Social Media

SMB

Windows

Digital transformation: Trends and insights for success

Software development: Emerging trends and changing roles

Security

See all Security

Cyber Threats

Password Manager

Ransomware

VPN

Cybersecurity: Let's get tactical

Securing the Cloud

Advice

Deals

How-to

Product Comparisons

Product Spotlights

Reviews

Buying Guides

See all Buying Guides

Best all-in-one computers

Best budget TVs

Best gaming CPUs

Best gaming laptops

Best gaming PCs

Best headphones

Best iPads

Best iPhones

Best laptops

Best large tablets

Best OLED TVs

Best robot vacuum mops

Best rugged tablets

Best Samsung phones

Best smart rings

Best smartphones

Best smartwatches

Best speakers

Best tablets

Best travel VPNs

Best TVs

Best VPNs

More

See all Topics

Finance

Education

Health

Special Features

ZDNET In Depth

ZDNET Recommends

Newsletters

Videos

Editorial Guidelines

Innovation

Home

Innovation

Artificial Intelligence

Written by

Lance Whitney, Contributor

on April 10, 2023

tsingha25/Getty Images

AI may be able to do lots of cool things like write computer code , tell you a story, and explain the theory of relativity. But it can also do at least one thing that's not so cool: Figure out your passwords.

A new report released by security experts at Home Security Heroes shows how a savvy AI tool can be used to crack common passwords in minutes or seconds.

Also: How to write better ChatGPT prompts (and this applies to most other text-based AIs, too)

To determine how long it would take to crack 15,600,000 common passwords via artificial intelligence, Home Security Heroes enlisted an AI tool known as PassGAN. A combination of the terms "password" and GAN ( Generative Adversarial Network ), PassGAN is able to master the art of password cracking not through the usual manual processes but by analyzing real passwords from actual leaks. Such an automated method threatens to help the bad guys crack passwords faster and more efficiently.

Looking at all the common passwords, Home Security Heroes found that 81% of them could be cracked in less than a month, 71% in less than a day, 65% in less than an hour, and 51% in less than a minute.

Both the length and the complexity of a password factored into their susceptibility toward cracking. PassGAN took a mere six minutes to figure out a password with seven characters, even if it contained uppercase and lowercase letters, numbers, and symbols. And it took just three minutes to determine a 13-character password with only numbers.

Also: The best password managers

As expected, passwords that combined both length and complexity were the most secure. A nine-character password with all the different types of characters would take five years to crack, while an 18-character one with just numbers would take 10 months to crack. One with 18 characters and all the different types of characters would take six quintillion years.

Home Security Heroes

How and why is PassGAN so adept at figuring out passwords? Most password-cracking tools apply simple data models to run manual password guesses, use password generation rules like concatenation, and make certain assumptions about password patterns. In contrast, PassGAN relies on the GAN part to run on a neural network, which is able to analyze and learn from data to get smarter and smarter.

With this type of threat looming over our passwords, do we just give up and welcome our new AI overlords? No, not when we can fight back by practicing the right type of password hygiene. And that requires following a few rules and requirements, as suggested by Home Security Heroes.

Also: These experts are racing to protect AI from hackers. Time is running out

Use strong password patterns: The longer and stronger your password, the more resistant it will be against cracking. This means using at least 15 characters, having at least two letters (uppercase and lowercase) as well as numbers and symbols, and avoiding obvious patterns such as real words.

Change your password regularly: Maybe you're concerned that someone has accessed one of your accounts. Or perhaps you shared your password with the wrong person. Whatever the reason, you'll want to change a password periodically to guard against its use and abuse.

Don't use the same password across multiple accounts: If you repeat the same password across different sites, and a hacker obtains it for one site, what will happen? That hacker can use that cracked password to compromise your other accounts.

Also:   How to protect and secure your password manager

Beyond the advice from Home Security Heroes, here's one more recommendation. Use a password manager . Creating, remembering, and applying a long and complex password for each account is virtually impossible without assistance. Until passwordless options become universal, a password manager is still your best bet for juggling all the unique passwords for all your accounts.

Artificial Intelligence

How I used ChatGPT and AI art tools to launch my Etsy business fast

ChatGPT and the new AI are wreaking havoc on cybersecurity in exciting and frightening ways

Is this the snarkiest AI chatbot so far? I tried HuggingChat and it was weird

Meet the post-AI developer: More creative, more business-focused

How I used ChatGPT and AI art tools to launch my Etsy business fast

ChatGPT and the new AI are wreaking havoc on cybersecurity in exciting and frightening ways

Is this the snarkiest AI chatbot so far? I tried HuggingChat and it was weird

Meet the post-AI developer: More creative, more business-focused

Editorial standards

Show Comments

Log In to Comment

Community Guidelines

Related

Amazon is working on its own AI chatbot to assist its shoppers

How to encrypt your email (and why you should)

Most Americans think AI threatens humanity, according to a poll

ZDNET

we equip you to harness the power of disruptive innovation, at work and at home.

Topics

Galleries

Videos

Do Not Sell or Share My Personal Information

about ZDNET

Meet The Team

Sitemap

Reprint Policy

Join | Log In

Newsletters

Site Assistance

Licensing

© 2023 ZDNET, A Red Ventures company. All rights reserved.

Privacy Policy | Cookie Settings | Advertise | Terms of Use

Single Line Text

X. Trending. What is ChatGPT and why does it matter? Here's what you need to know. Apple sets June date for its biggest conference of 2023, with headset launch expected. What is Lemon8 and why is everyone talking about it on TikTok? The best AI art generators: DALL-E 2 and other fun alternatives to try. ZDNET Recommends. Testing RFID blocking cards: Do they work? Do you need one? This almost-great Raspberry Pi alternative is missing one key feature. This $75 dock turns your Mac Mini into a Mac Studio (sort of) Samsung's Galaxy S23 Plus is the Goldilocks of Smartphones. Mobile World Congress 2023. Best massage chairs. Best iRobot vacuums. Best headphones for sleeping. Best smart treadmills. Tech. Gaming. Headphones. Laptops. Mobile Accessories. Networking. PCs. Printers. Smartphones. Smart Watches. Speakers. Streaming Devices. Streaming Services. Tablets. TVs. Wearables. Kitchen & Household. Office Furniture. Office Hardware & Appliances. Smart Home. Smart Lighting. Yard & Outdoors. Innovation. Artificial Intelligence. AR + VR. Cloud. Digital Transformation. Energy. Robotics. Sustainability. Transportation. Work Life. Accelerate your tech game Paid Content. How the New Space Race Will Drive Innovation. How the metaverse will change the future of work and society. Managing the Multicloud. The Future of the Internet. The New Rules of Work. The Tech Trends to Watch in 2023. Business. See all Business. Amazon. Apple. Developer. E-Commerce. Edge Computing. Enterprise Software. Executive. Google. Microsoft. Professional Development. Social Media. SMB. Windows. Digital transformation: Trends and insights for success. Software development: Emerging trends and changing roles. Security. See all Security. Cyber Threats. Password Manager. Ransomware. VPN. Cybersecurity: Let's get tactical. Securing the Cloud. Advice. Deals. How-to. Product Comparisons. Product Spotlights. Reviews. Buying Guides. See all Buying Guides. Best all-in-one computers. Best budget TVs. Best gaming CPUs. Best gaming laptops. Best gaming PCs. Best headphones. Best iPads. Best iPhones. Best laptops. Best large tablets. Best OLED TVs. Best robot vacuum mops. Best rugged tablets. Best Samsung phones. Best smart rings. Best smartphones. Best smartwatches. Best speakers. Best tablets. Best travel VPNs. Best TVs. Best VPNs. tomorrow belongs to those who embrace it today. Asia. Australia. Europe. India. United Kingdom. United States. ZDNET France. ZDNET Germany. ZDNET Korea. ZDNET Japan. Go. Most Popular. See all Topics. Finance. Education. Health. Special Features. ZDNET In Depth. ZDNET Recommends. Newsletters. Videos. Editorial Guidelines. Trending. What is ChatGPT and why does it matter? Here's what you need to know. Apple sets June date for its biggest conference of 2023, with headset launch expected. What is Lemon8 and why is everyone talking about it on TikTok? The best AI art generators: DALL-E 2 and other fun alternatives to try. ZDNET Recommends. Testing RFID blocking cards: Do they work? Do you need one? This almost-great Raspberry Pi alternative is missing one key feature. This $75 dock turns your Mac Mini into a Mac Studio (sort of) Samsung's Galaxy S23 Plus is the Goldilocks of Smartphones. Mobile World Congress 2023. Best massage chairs. Best iRobot vacuums. Best headphones for sleeping. Best smart treadmills. Tech. Gaming. Headphones. Laptops. Mobile Accessories. Networking. PCs. Printers. Smartphones. Smart Watches. Speakers. Streaming Devices. Streaming Services. Tablets. TVs. Wearables. Kitchen & Household. Office Furniture. Office Hardware & Appliances. Smart Home. Smart Lighting. Yard & Outdoors. Innovation. Artificial Intelligence. AR + VR. Cloud. Digital Transformation. Energy. Robotics. Sustainability. Transportation. Work Life. Accelerate your tech game Paid Content. How the New Space Race Will Drive Innovation. How the metaverse will change the future of work and society. Managing the Multicloud. The Future of the Internet. The New Rules of Work. The Tech Trends to Watch in 2023. Business. See all Business. Amazon. Apple. Developer. E-Commerce. Edge Computing. Enterprise Software. Executive. Google. Microsoft. Professional Development. Social Media. SMB. Windows. Digital transformation: Trends and insights for success. Software development: Emerging trends and changing roles. Security. See all Security. Cyber Threats. Password Manager. Ransomware. VPN. Cybersecurity: Let's get tactical. Securing the Cloud. Advice. Deals. How-to. Product Comparisons. Product Spotlights. Reviews. Buying Guides. See all Buying Guides. Best all-in-one computers. Best budget TVs. Best gaming CPUs. Best gaming laptops. Best gaming PCs. Best headphones. Best iPads. Best iPhones. Best laptops. Best large tablets. Best OLED TVs. Best robot vacuum mops. Best rugged tablets. Best Samsung phones. Best smart rings. Best smartphones. Best smartwatches. Best speakers. Best tablets. Best travel VPNs. Best TVs. Best VPNs. More. See all Topics. Finance. Education. Health. Special Features. ZDNET In Depth. ZDNET Recommends. Newsletters. Videos. Editorial Guidelines. Innovation. Home. Innovation. Artificial Intelligence. Written by. Lance Whitney, Contributor. on April 10, 2023. tsingha25/Getty Images. AI may be able to do lots of cool things like write computer code , tell you a story, and explain the theory of relativity. But it can also do at least one thing that's not so cool: Figure out your passwords. A new report released by security experts at Home Security Heroes shows how a savvy AI tool can be used to crack common passwords in minutes or seconds. Also: How to write better ChatGPT prompts (and this applies to most other text-based AIs, too) To determine how long it would take to crack 15,600,000 common passwords via artificial intelligence, Home Security Heroes enlisted an AI tool known as PassGAN. A combination of the terms "password" and GAN ( Generative Adversarial Network ), PassGAN is able to master the art of password cracking not through the usual manual processes but by analyzing real passwords from actual leaks. Such an automated method threatens to help the bad guys crack passwords faster and more efficiently. Looking at all the common passwords, Home Security Heroes found that 81% of them could be cracked in less than a month, 71% in less than a day, 65% in less than an hour, and 51% in less than a minute. Both the length and the complexity of a password factored into their susceptibility toward cracking. PassGAN took a mere six minutes to figure out a password with seven characters, even if it contained uppercase and lowercase letters, numbers, and symbols. And it took just three minutes to determine a 13-character password with only numbers. Also: The best password managers. As expected, passwords that combined both length and complexity were the most secure. A nine-character password with all the different types of characters would take five years to crack, while an 18-character one with just numbers would take 10 months to crack. One with 18 characters and all the different types of characters would take six quintillion years. Home Security Heroes. How and why is PassGAN so adept at figuring out passwords? Most password-cracking tools apply simple data models to run manual password guesses, use password generation rules like concatenation, and make certain assumptions about password patterns. In contrast, PassGAN relies on the GAN part to run on a neural network, which is able to analyze and learn from data to get smarter and smarter. With this type of threat looming over our passwords, do we just give up and welcome our new AI overlords? No, not when we can fight back by practicing the right type of password hygiene. And that requires following a few rules and requirements, as suggested by Home Security Heroes. Also: These experts are racing to protect AI from hackers. Time is running out. Use strong password patterns: The longer and stronger your password, the more resistant it will be against cracking. This means using at least 15 characters, having at least two letters (uppercase and lowercase) as well as numbers and symbols, and avoiding obvious patterns such as real words. Change your password regularly: Maybe you're concerned that someone has accessed one of your accounts. Or perhaps you shared your password with the wrong person. Whatever the reason, you'll want to change a password periodically to guard against its use and abuse. Don't use the same password across multiple accounts: If you repeat the same password across different sites, and a hacker obtains it for one site, what will happen? That hacker can use that cracked password to compromise your other accounts. Also:   How to protect and secure your password manager. Beyond the advice from Home Security Heroes, here's one more recommendation. Use a password manager . Creating, remembering, and applying a long and complex password for each account is virtually impossible without assistance. Until passwordless options become universal, a password manager is still your best bet for juggling all the unique passwords for all your accounts. Artificial Intelligence. How I used ChatGPT and AI art tools to launch my Etsy business fast. ChatGPT and the new AI are wreaking havoc on cybersecurity in exciting and frightening ways. Is this the snarkiest AI chatbot so far? I tried HuggingChat and it was weird. Meet the post-AI developer: More creative, more business-focused. How I used ChatGPT and AI art tools to launch my Etsy business fast. ChatGPT and the new AI are wreaking havoc on cybersecurity in exciting and frightening ways. Is this the snarkiest AI chatbot so far? I tried HuggingChat and it was weird. Meet the post-AI developer: More creative, more business-focused. Editorial standards. Show Comments. Log In to Comment. Community Guidelines. Related. Amazon is working on its own AI chatbot to assist its shoppers. How to encrypt your email (and why you should) Most Americans think AI threatens humanity, according to a poll. ZDNET. we equip you to harness the power of disruptive innovation, at work and at home. Topics. Galleries. Videos. Do Not Sell or Share My Personal Information. about ZDNET. Meet The Team. Sitemap. Reprint Policy. Join | Log In. Newsletters. Site Assistance. Licensing. © 2023 ZDNET, A Red Ventures company. All rights reserved. Privacy Policy | Cookie Settings | Advertise | Terms of Use.