Many online platforms and applications necessitate users to set up a password. Given their infrequent use, numerous individuals likely resort to recycling these passwords across multiple accounts, leading to an increased likelihood of repetition among login credentials.
Weak password practices are further exacerbated by an overreliance on simple sequences involving names, everyday words, and numbers. These choices make for easily guessable credentials, and should a hacker breach one account, they might exploit those same weak codes across numerous platforms.
Individuals are encouraged to generate distinct, unpredictable passwords to mitigate the risk associated with repeatedly using the same password. Nonetheless, developing and managing these passwords can prove to be quite challenging.
When faced with the challenge of coming up with and managing passwords, individuals may consider using large language models such as ChatGPT, Llama, or DeepSeek for generating their passcodes.
It’s evident why this approach is appealing. Instead of exerting effort to create a robust password, individuals can easily prompt AI with “Create a secure password,” receiving an immediate response.
AI generates sequences that seem random, helping to sidestep humans’ inclination towards crafting easily guessable, dictionary-derived passwords. However, looks can be deceiving; AI-created passwords might not be as robustly secure as they initially appear.
Alexey Antonov, who leads the data science team at Kaspersky, conducted an experiment where he generated 1,000 passwords utilizing several well-known and reliable large language models such as ChatGPT (by OpenAI), Llama (a model developed by the Meta Group), and DeepSeek (a new player from China).
All of the models understand that an effective password should have at least 12 characters, incorporating both upper and lower case letters, digits, and special symbols,” states Antonov. “This information is provided whenever they create new passwords.
In reality, however, these algorithms frequently failed to include a special character or numbers within the password: 26% of passwords from ChatGPT, 32% from Llama, and 29% from DeepSeek did not have them. Additionally, both DeepSeek and Llama occasionally produced passwords under 12 characters long.
In 2024, Alexey Antonov created a machine learning algorithm designed to assess password strength. His findings revealed that nearly 60% of passwords could be compromised within just one hour through the use of contemporary graphics processors or cloud-based cracking software.
The outcomes were concerning when these AI-created passwords were tested; they proved much weaker than expected. Specifically, 88% of passwords generated by DeepSeek and 87% produced by Llama lacked sufficient strength to resist attacks from advanced cybercriminals. In contrast, ChatGPT performed somewhat better, as only 33% of its passwords failed the security criteria set by Kaspersky.
The issue with LLMs is that they do not generate genuine randomness; instead, they replicate patterns found in existing datasets,” explains Antonov. “This makes their output predictable for attackers who comprehend how these models function.
Provided by
GAPTEKZONE
).
