Do you use ChatGPT or Gemini to generate strong passwords? If the answer is yes, then you might want to stop now. A new report suggests using artificial intelligence to generate passwords may not be as safe as it sounds.
While AI tools can produce strings that look complex, researchers say they often lack the true randomness required for strong security. Passwords generated by LLMs (Large Language Models) contain predictable structures and repeated formats across sessions.
This could mean hackers can easily guess an AI-generated password, putting your data at risk. Here’s all you need to know about AI-generated passwords, and how you can keep your data safe.
Why AI-generated passwords aren’t safe?
Researchers analysed multiple 16-character passwords generated in separate sessions. Several outputs were either identical or had a very similar structure. Most followed consistent formatting patterns, such as starting and ending with specific character types. None of the passwords included repeating characters, which is unusual for truly random strings.
The AI-generated passwords scored between roughly 20 and 27 bits of entropy. By comparison, a genuinely random 16-character password would typically measure between 98 and 120 bits. This gap significantly reduces the time attackers need to crack them, even with relatively modest hardware.
The issue lies in how LLMs work. They are designed to predict and generate patterns based on training data. That makes them effective at writing text, but not at producing cryptographically secure randomness.
Experts say this limitation is structural and cannot be solved simply by changing prompts.
What’s the solution?
Well, instead of using AI tools for generating a strong password, experts recommend using dedicated password managers.
Password Managers come with built-in password generators that, unlike AI tools, rely on cryptographic randomness rather than language prediction.
ALSO READ: Apple’s visual intelligence push hints at new AI wearables strategy
Password Managers are built specifically for security, and they not only help you generate passwords but also let you securely save them.
Unleash your inner geek with Croma Unboxed
Subscribe now to stay ahead with the latest articles and updates
You are almost there
Enter your details to subscribe
Happiness unboxed!
Thank you for subscribing to our blog.
Disclaimer: This post as well as the layout and design on this website are protected under Indian intellectual property laws, including the Copyright Act, 1957 and the Trade Marks Act, 1999 and is the property of Infiniti Retail Limited (Croma). Using, copying (in full or in part), adapting or altering this post or any other material from Croma’s website is expressly prohibited without prior written permission from Croma. For permission to use the content on the Croma’s website, please connect on contactunboxed@croma.com
- Related articles
- Popular articles
Pranav Sawant
Comments