How an AI tool could crack your passwords in seconds
Raw Text
X
Trending
What is ChatGPT and why does it matter? Here's what you need to know
Apple sets June date for its biggest conference of 2023, with headset launch expected
What is Lemon8 and why is everyone talking about it on TikTok?
The best AI art generators: DALL-E 2 and other fun alternatives to try
ZDNET Recommends
Testing RFID blocking cards: Do they work? Do you need one?
This almost-great Raspberry Pi alternative is missing one key feature
This $75 dock turns your Mac Mini into a Mac Studio (sort of)
Samsung's Galaxy S23 Plus is the Goldilocks of Smartphones
Mobile World Congress 2023
Best massage chairs
Best iRobot vacuums
Best headphones for sleeping
Best smart treadmills
Tech
Gaming
Headphones
Laptops
Mobile Accessories
Networking
PCs
Printers
Smartphones
Smart Watches
Speakers
Streaming Devices
Streaming Services
Tablets
TVs
Wearables
Kitchen & Household
Office Furniture
Office Hardware & Appliances
Smart Home
Smart Lighting
Yard & Outdoors
Innovation
Artificial Intelligence
AR + VR
Cloud
Digital Transformation
Energy
Robotics
Sustainability
Transportation
Work Life
Accelerate your tech game Paid Content
How the New Space Race Will Drive Innovation
How the metaverse will change the future of work and society
Managing the Multicloud
The Future of the Internet
The New Rules of Work
The Tech Trends to Watch in 2023
Business
See all Business
Amazon
Apple
Developer
E-Commerce
Edge Computing
Enterprise Software
Executive
Microsoft
Professional Development
Social Media
SMB
Windows
Digital transformation: Trends and insights for success
Software development: Emerging trends and changing roles
Security
See all Security
Cyber Threats
Password Manager
Ransomware
VPN
Cybersecurity: Let's get tactical
Securing the Cloud
Advice
Deals
How-to
Product Comparisons
Product Spotlights
Reviews
Buying Guides
See all Buying Guides
Best all-in-one computers
Best budget TVs
Best gaming CPUs
Best gaming laptops
Best gaming PCs
Best headphones
Best iPads
Best iPhones
Best laptops
Best large tablets
Best OLED TVs
Best robot vacuum mops
Best rugged tablets
Best Samsung phones
Best smart rings
Best smartphones
Best smartwatches
Best speakers
Best tablets
Best travel VPNs
Best TVs
Best VPNs
tomorrow belongs to those who embrace it today
Asia
Australia
Europe
India
United Kingdom
United States
ZDNET France
ZDNET Germany
ZDNET Korea
ZDNET Japan
Go
Most Popular
See all Topics
Finance
Education
Health
Special Features
ZDNET In Depth
ZDNET Recommends
Newsletters
Videos
Editorial Guidelines
Trending
What is ChatGPT and why does it matter? Here's what you need to know
Apple sets June date for its biggest conference of 2023, with headset launch expected
What is Lemon8 and why is everyone talking about it on TikTok?
The best AI art generators: DALL-E 2 and other fun alternatives to try
ZDNET Recommends
Testing RFID blocking cards: Do they work? Do you need one?
This almost-great Raspberry Pi alternative is missing one key feature
This $75 dock turns your Mac Mini into a Mac Studio (sort of)
Samsung's Galaxy S23 Plus is the Goldilocks of Smartphones
Mobile World Congress 2023
Best massage chairs
Best iRobot vacuums
Best headphones for sleeping
Best smart treadmills
Tech
Gaming
Headphones
Laptops
Mobile Accessories
Networking
PCs
Printers
Smartphones
Smart Watches
Speakers
Streaming Devices
Streaming Services
Tablets
TVs
Wearables
Kitchen & Household
Office Furniture
Office Hardware & Appliances
Smart Home
Smart Lighting
Yard & Outdoors
Innovation
Artificial Intelligence
AR + VR
Cloud
Digital Transformation
Energy
Robotics
Sustainability
Transportation
Work Life
Accelerate your tech game Paid Content
How the New Space Race Will Drive Innovation
How the metaverse will change the future of work and society
Managing the Multicloud
The Future of the Internet
The New Rules of Work
The Tech Trends to Watch in 2023
Business
See all Business
Amazon
Apple
Developer
E-Commerce
Edge Computing
Enterprise Software
Executive
Microsoft
Professional Development
Social Media
SMB
Windows
Digital transformation: Trends and insights for success
Software development: Emerging trends and changing roles
Security
See all Security
Cyber Threats
Password Manager
Ransomware
VPN
Cybersecurity: Let's get tactical
Securing the Cloud
Advice
Deals
How-to
Product Comparisons
Product Spotlights
Reviews
Buying Guides
See all Buying Guides
Best all-in-one computers
Best budget TVs
Best gaming CPUs
Best gaming laptops
Best gaming PCs
Best headphones
Best iPads
Best iPhones
Best laptops
Best large tablets
Best OLED TVs
Best robot vacuum mops
Best rugged tablets
Best Samsung phones
Best smart rings
Best smartphones
Best smartwatches
Best speakers
Best tablets
Best travel VPNs
Best TVs
Best VPNs
More
See all Topics
Finance
Education
Health
Special Features
ZDNET In Depth
ZDNET Recommends
Newsletters
Videos
Editorial Guidelines
Innovation
Home
Innovation
Artificial Intelligence
Written by
Lance Whitney, Contributor
on April 10, 2023
tsingha25/Getty Images
AI may be able to do lots of cool things like write computer code , tell you a story, and explain the theory of relativity. But it can also do at least one thing that's not so cool: Figure out your passwords.
A new report released by security experts at Home Security Heroes shows how a savvy AI tool can be used to crack common passwords in minutes or seconds.
Also: How to write better ChatGPT prompts (and this applies to most other text-based AIs, too)
To determine how long it would take to crack 15,600,000 common passwords via artificial intelligence, Home Security Heroes enlisted an AI tool known as PassGAN. A combination of the terms "password" and GAN ( Generative Adversarial Network ), PassGAN is able to master the art of password cracking not through the usual manual processes but by analyzing real passwords from actual leaks. Such an automated method threatens to help the bad guys crack passwords faster and more efficiently.
Looking at all the common passwords, Home Security Heroes found that 81% of them could be cracked in less than a month, 71% in less than a day, 65% in less than an hour, and 51% in less than a minute.
Both the length and the complexity of a password factored into their susceptibility toward cracking. PassGAN took a mere six minutes to figure out a password with seven characters, even if it contained uppercase and lowercase letters, numbers, and symbols. And it took just three minutes to determine a 13-character password with only numbers.
Also: The best password managers
As expected, passwords that combined both length and complexity were the most secure. A nine-character password with all the different types of characters would take five years to crack, while an 18-character one with just numbers would take 10 months to crack. One with 18 characters and all the different types of characters would take six quintillion years.
Home Security Heroes
How and why is PassGAN so adept at figuring out passwords? Most password-cracking tools apply simple data models to run manual password guesses, use password generation rules like concatenation, and make certain assumptions about password patterns. In contrast, PassGAN relies on the GAN part to run on a neural network, which is able to analyze and learn from data to get smarter and smarter.
With this type of threat looming over our passwords, do we just give up and welcome our new AI overlords? No, not when we can fight back by practicing the right type of password hygiene. And that requires following a few rules and requirements, as suggested by Home Security Heroes.
Also: These experts are racing to protect AI from hackers. Time is running out
Use strong password patterns: The longer and stronger your password, the more resistant it will be against cracking. This means using at least 15 characters, having at least two letters (uppercase and lowercase) as well as numbers and symbols, and avoiding obvious patterns such as real words.
Change your password regularly: Maybe you're concerned that someone has accessed one of your accounts. Or perhaps you shared your password with the wrong person. Whatever the reason, you'll want to change a password periodically to guard against its use and abuse.
Don't use the same password across multiple accounts: If you repeat the same password across different sites, and a hacker obtains it for one site, what will happen? That hacker can use that cracked password to compromise your other accounts.
Also: Â How to protect and secure your password manager
Beyond the advice from Home Security Heroes, here's one more recommendation. Use a password manager . Creating, remembering, and applying a long and complex password for each account is virtually impossible without assistance. Until passwordless options become universal, a password manager is still your best bet for juggling all the unique passwords for all your accounts.
Artificial Intelligence
How I used ChatGPT and AI art tools to launch my Etsy business fast
ChatGPT and the new AI are wreaking havoc on cybersecurity in exciting and frightening ways
Is this the snarkiest AI chatbot so far? I tried HuggingChat and it was weird
Meet the post-AI developer: More creative, more business-focused
How I used ChatGPT and AI art tools to launch my Etsy business fast
ChatGPT and the new AI are wreaking havoc on cybersecurity in exciting and frightening ways
Is this the snarkiest AI chatbot so far? I tried HuggingChat and it was weird
Meet the post-AI developer: More creative, more business-focused
Editorial standards
Show Comments
Log In to Comment
Community Guidelines
Related
Amazon is working on its own AI chatbot to assist its shoppers
How to encrypt your email (and why you should)
Most Americans think AI threatens humanity, according to a poll
ZDNET
we equip you to harness the power of disruptive innovation, at work and at home.
Topics
Galleries
Videos
Do Not Sell or Share My Personal Information
about ZDNET
Meet The Team
Sitemap
Reprint Policy
Join | Log In
Newsletters
Site Assistance
Licensing
© 2023 ZDNET, A Red Ventures company. All rights reserved.
Privacy Policy | Cookie Settings | Advertise | Terms of Use
Single Line Text
X. Trending. What is ChatGPT and why does it matter? Here's what you need to know. Apple sets June date for its biggest conference of 2023, with headset launch expected. What is Lemon8 and why is everyone talking about it on TikTok? The best AI art generators: DALL-E 2 and other fun alternatives to try. ZDNET Recommends. Testing RFID blocking cards: Do they work? Do you need one? This almost-great Raspberry Pi alternative is missing one key feature. This $75 dock turns your Mac Mini into a Mac Studio (sort of) Samsung's Galaxy S23 Plus is the Goldilocks of Smartphones. Mobile World Congress 2023. Best massage chairs. Best iRobot vacuums. Best headphones for sleeping. Best smart treadmills. Tech. Gaming. Headphones. Laptops. Mobile Accessories. Networking. PCs. Printers. Smartphones. Smart Watches. Speakers. Streaming Devices. Streaming Services. Tablets. TVs. Wearables. Kitchen & Household. Office Furniture. Office Hardware & Appliances. Smart Home. Smart Lighting. Yard & Outdoors. Innovation. Artificial Intelligence. AR + VR. Cloud. Digital Transformation. Energy. Robotics. Sustainability. Transportation. Work Life. Accelerate your tech game Paid Content. How the New Space Race Will Drive Innovation. How the metaverse will change the future of work and society. Managing the Multicloud. The Future of the Internet. The New Rules of Work. The Tech Trends to Watch in 2023. Business. See all Business. Amazon. Apple. Developer. E-Commerce. Edge Computing. Enterprise Software. Executive. Google. Microsoft. Professional Development. Social Media. SMB. Windows. Digital transformation: Trends and insights for success. Software development: Emerging trends and changing roles. Security. See all Security. Cyber Threats. Password Manager. Ransomware. VPN. Cybersecurity: Let's get tactical. Securing the Cloud. Advice. Deals. How-to. Product Comparisons. Product Spotlights. Reviews. Buying Guides. See all Buying Guides. Best all-in-one computers. Best budget TVs. Best gaming CPUs. Best gaming laptops. Best gaming PCs. Best headphones. Best iPads. Best iPhones. Best laptops. Best large tablets. Best OLED TVs. Best robot vacuum mops. Best rugged tablets. Best Samsung phones. Best smart rings. Best smartphones. Best smartwatches. Best speakers. Best tablets. Best travel VPNs. Best TVs. Best VPNs. tomorrow belongs to those who embrace it today. Asia. Australia. Europe. India. United Kingdom. United States. ZDNET France. ZDNET Germany. ZDNET Korea. ZDNET Japan. Go. Most Popular. See all Topics. Finance. Education. Health. Special Features. ZDNET In Depth. ZDNET Recommends. Newsletters. Videos. Editorial Guidelines. Trending. What is ChatGPT and why does it matter? Here's what you need to know. Apple sets June date for its biggest conference of 2023, with headset launch expected. What is Lemon8 and why is everyone talking about it on TikTok? The best AI art generators: DALL-E 2 and other fun alternatives to try. ZDNET Recommends. Testing RFID blocking cards: Do they work? Do you need one? This almost-great Raspberry Pi alternative is missing one key feature. This $75 dock turns your Mac Mini into a Mac Studio (sort of) Samsung's Galaxy S23 Plus is the Goldilocks of Smartphones. Mobile World Congress 2023. Best massage chairs. Best iRobot vacuums. Best headphones for sleeping. Best smart treadmills. Tech. Gaming. Headphones. Laptops. Mobile Accessories. Networking. PCs. Printers. Smartphones. Smart Watches. Speakers. Streaming Devices. Streaming Services. Tablets. TVs. Wearables. Kitchen & Household. Office Furniture. Office Hardware & Appliances. Smart Home. Smart Lighting. Yard & Outdoors. Innovation. Artificial Intelligence. AR + VR. Cloud. Digital Transformation. Energy. Robotics. Sustainability. Transportation. Work Life. Accelerate your tech game Paid Content. How the New Space Race Will Drive Innovation. How the metaverse will change the future of work and society. Managing the Multicloud. The Future of the Internet. The New Rules of Work. The Tech Trends to Watch in 2023. Business. See all Business. Amazon. Apple. Developer. E-Commerce. Edge Computing. Enterprise Software. Executive. Google. Microsoft. Professional Development. Social Media. SMB. Windows. Digital transformation: Trends and insights for success. Software development: Emerging trends and changing roles. Security. See all Security. Cyber Threats. Password Manager. Ransomware. VPN. Cybersecurity: Let's get tactical. Securing the Cloud. Advice. Deals. How-to. Product Comparisons. Product Spotlights. Reviews. Buying Guides. See all Buying Guides. Best all-in-one computers. Best budget TVs. Best gaming CPUs. Best gaming laptops. Best gaming PCs. Best headphones. Best iPads. Best iPhones. Best laptops. Best large tablets. Best OLED TVs. Best robot vacuum mops. Best rugged tablets. Best Samsung phones. Best smart rings. Best smartphones. Best smartwatches. Best speakers. Best tablets. Best travel VPNs. Best TVs. Best VPNs. More. See all Topics. Finance. Education. Health. Special Features. ZDNET In Depth. ZDNET Recommends. Newsletters. Videos. Editorial Guidelines. Innovation. Home. Innovation. Artificial Intelligence. Written by. Lance Whitney, Contributor. on April 10, 2023. tsingha25/Getty Images. AI may be able to do lots of cool things like write computer code , tell you a story, and explain the theory of relativity. But it can also do at least one thing that's not so cool: Figure out your passwords. A new report released by security experts at Home Security Heroes shows how a savvy AI tool can be used to crack common passwords in minutes or seconds. Also: How to write better ChatGPT prompts (and this applies to most other text-based AIs, too) To determine how long it would take to crack 15,600,000 common passwords via artificial intelligence, Home Security Heroes enlisted an AI tool known as PassGAN. A combination of the terms "password" and GAN ( Generative Adversarial Network ), PassGAN is able to master the art of password cracking not through the usual manual processes but by analyzing real passwords from actual leaks. Such an automated method threatens to help the bad guys crack passwords faster and more efficiently. Looking at all the common passwords, Home Security Heroes found that 81% of them could be cracked in less than a month, 71% in less than a day, 65% in less than an hour, and 51% in less than a minute. Both the length and the complexity of a password factored into their susceptibility toward cracking. PassGAN took a mere six minutes to figure out a password with seven characters, even if it contained uppercase and lowercase letters, numbers, and symbols. And it took just three minutes to determine a 13-character password with only numbers. Also: The best password managers. As expected, passwords that combined both length and complexity were the most secure. A nine-character password with all the different types of characters would take five years to crack, while an 18-character one with just numbers would take 10 months to crack. One with 18 characters and all the different types of characters would take six quintillion years. Home Security Heroes. How and why is PassGAN so adept at figuring out passwords? Most password-cracking tools apply simple data models to run manual password guesses, use password generation rules like concatenation, and make certain assumptions about password patterns. In contrast, PassGAN relies on the GAN part to run on a neural network, which is able to analyze and learn from data to get smarter and smarter. With this type of threat looming over our passwords, do we just give up and welcome our new AI overlords? No, not when we can fight back by practicing the right type of password hygiene. And that requires following a few rules and requirements, as suggested by Home Security Heroes. Also: These experts are racing to protect AI from hackers. Time is running out. Use strong password patterns: The longer and stronger your password, the more resistant it will be against cracking. This means using at least 15 characters, having at least two letters (uppercase and lowercase) as well as numbers and symbols, and avoiding obvious patterns such as real words. Change your password regularly: Maybe you're concerned that someone has accessed one of your accounts. Or perhaps you shared your password with the wrong person. Whatever the reason, you'll want to change a password periodically to guard against its use and abuse. Don't use the same password across multiple accounts: If you repeat the same password across different sites, and a hacker obtains it for one site, what will happen? That hacker can use that cracked password to compromise your other accounts. Also:  How to protect and secure your password manager. Beyond the advice from Home Security Heroes, here's one more recommendation. Use a password manager . Creating, remembering, and applying a long and complex password for each account is virtually impossible without assistance. Until passwordless options become universal, a password manager is still your best bet for juggling all the unique passwords for all your accounts. Artificial Intelligence. How I used ChatGPT and AI art tools to launch my Etsy business fast. ChatGPT and the new AI are wreaking havoc on cybersecurity in exciting and frightening ways. Is this the snarkiest AI chatbot so far? I tried HuggingChat and it was weird. Meet the post-AI developer: More creative, more business-focused. How I used ChatGPT and AI art tools to launch my Etsy business fast. ChatGPT and the new AI are wreaking havoc on cybersecurity in exciting and frightening ways. Is this the snarkiest AI chatbot so far? I tried HuggingChat and it was weird. Meet the post-AI developer: More creative, more business-focused. Editorial standards. Show Comments. Log In to Comment. Community Guidelines. Related. Amazon is working on its own AI chatbot to assist its shoppers. How to encrypt your email (and why you should) Most Americans think AI threatens humanity, according to a poll. ZDNET. we equip you to harness the power of disruptive innovation, at work and at home. Topics. Galleries. Videos. Do Not Sell or Share My Personal Information. about ZDNET. Meet The Team. Sitemap. Reprint Policy. Join | Log In. Newsletters. Site Assistance. Licensing. © 2023 ZDNET, A Red Ventures company. All rights reserved. Privacy Policy | Cookie Settings | Advertise | Terms of Use.