An AI-based password cracker can easily decrypt the most commonly used passwords ranging from 4-7 characters, including those that involve a combination of uppercase and lowercase letters and numerical digits, within a mere few seconds, a recent study has found.

Cyber security organization Home Security Heroes employed PassGAN, an AI-powered password cracking tool fueled by a generative adversarial network (GAN), to train a model with over 15 million frequently used passwords. The generated model is capable of aggressively deciphering some of the most commonly used passwords within seconds.

The source of passwords was the notorious RockYou dataset, which was subjected to a security breach in 2009 and contained passwords for social networks such as Myspace and Facebook, as per the cyber security firm.

After analyzing numerous commonly used passwords, Home Security Heroes discovered that a significant portion of them, about 81%, could be deciphered and breached within a month. Furthermore, 71% of these passwords were vulnerable to cracking in under 24 hours, 65% in under an hour, and 51% in under a minute.

The vulnerability of a password to hacking is influenced by its length and complexity. For instance, even passwords containing both uppercase and lowercase letters, numbers and symbols with seven characters could be deciphered by PassGAN within just six minutes. Additionally, PassGAN could determine a 13-character password containing only numbers within a mere three minutes.

The most secure passwords were found to be those that were both lengthy and complex, as anticipated. Specifically, passwords consisting of nine characters with diverse character types would require five years to crack, while an 18-character password comprised solely of numbers would take approximately 10 months. However, a password combining 18 characters with varied character types would necessitate an impressive six quintillion years to decrypt.

What are the mechanisms behind PassGAN's impressive password-cracking capabilities?

Conventional password-cracking tools deploy rudimentary data models to parse and produce password guesses through concatenation-based password generation rules and by making assumptions about password patterns. But PassGAN surpasses these tools by leveraging a neural network empowered by GAN technology that intelligently scrutinizes and assimilates data to attain superior levels of proficiency.

How to secure your password?

The suggested method does not require any download; simply visiting the website suffices. However, the process of strengthening one's password using AI may seem obscure. Therefore, let us delve into this further.

  • Navigate to the security platform, Home Security Heroes.
  • You will be directed to a page stating, "An AI cracked your password."
  • Scroll down and locate the prompt that reads, "Enter a random password."
  • Subsequently, input your current password, and the website will provide you with the time required to breach the password.

It is strongly recommended that you modify your password if it is deemed weak, as it serves as a reminder of the potential harm that can be caused by AI-driven technologies, particularly when they fall into the hands of those with malicious intent.