Skip to main content

AI can probably crack your password in seconds

We can now add easily cracking passwords in a matter of seconds to the list of things that AI can do.

Cybersecurity firm Home Security Heroes recently published a study uncovering how AI tools analyze passwords and then use that data to crack the most common passwords used on the web.

Recommended Videos

Using the PassGAN tool, the firm was able to figure out common four- to seven-character passwords in seconds. It also didn’t matter if there was variation in uppercase and lowercase letters or if numbers were included. The shorter and more simple passwords were easier for the tool to crack.

PassGAN uses the latest Generative Adversarial Network (GAN) machine learning model that has been fed over 15 million common passwords. These passwords have been derived from the RockYou data set, which has collected information from popular breaches of companies such as MySpace and Facebook. The RockYou data set has become a commonplace source for machine learning password-cracking models, according to Tom’s Hardware.

PassGAN was able to crack passwords with up to six characters instantly until symbols were included — for those, it took at least four seconds. The tool was able to crack passwords with up to seven characters instantly until they included uppercase and lowercase letters; then it took at least 22 seconds.

Overall, the study determined that passwords longer than 12 characters with a combination of uppercase and lowercase letters, numbers, and symbols were the most challenging to crack. For example, a 15-character password with such a mix would take 14 billion years for AI to crack, according to PassGAN.

However, in common practice, most users are still very much at risk for a password breach. Home Security Heroes notes that for most of the common passwords, at least 51% of those tested were cracked in less than a minute. Many that are more challenging can still be figured out with time; 65% of common passwords can be cracked in less than an hour, 71% in less than a day, and 81% in less than a month.

Tom’s Hardware noted via Statista that six out of 10 Americans have a password between eight to 11 characters. While an 11-character password with uppercase and lowercase letters, numbers, and symbols can put you in the safe zone of 356 years to crack, many users might still be at risk with shorter, less unique passwords.

Users should keep in mind common password safety practices such as not keeping the same passwords for multiple accounts, changing passwords regularly, and using trusted password managers.

Fionna Agomuoh
Fionna Agomuoh is a Computing Writer at Digital Trends. She covers a range of topics in the computing space, including…
Amazon’s AI agent will make it even easier for you to part with your money
Amazon Nova Act performing task in a web browser.

The next big thing in the field of artificial intelligence is Agentic AI, which is essentially an AI tool that can automate certain multi-step processes for users. For example, interacting with a web browser for tasks like booking tickets or ordering groceries. 

Amazon certainly sees a future in there. After giving a massive overhaul to Alexa and introducing a new Alexa+ assistant, the company has today announced a new AI agent called Nova Act. Amazon says Nova Act is designed to “complete tasks in a web browser.” Amazon won’t be the first to reach this milestone, as few other AI companies have already attempted this vision. 

Read more
3 open source AI apps you can use to replace your ChatGPT subscription
Phone running Deepseek on a laptop keyboard.

The next leg of the AI race is on, and has expanded beyond the usual players, such as OpenAI, Google, Meta, and Microsoft. In addition to the dominance of the tech giants, more open-source options have now taken to the spotlight with a new focus in the AI arena.

Various brands, such as DeepSeek, Alibaba, and Baidu, have demonstrated that AI functions can be developed and executed at a fraction of the cost. They have also navigated securing solid business partnerships and deciding or continuing to provide AI products to consumers as free or low-cost, open source models, while larger companies double down on a proprietary, for-profit trajectory, hiding their best features behind a paywall.

Read more
Apple’s hardware can dominate in AI — so why is Siri struggling so much?
Apple's Craig Federighi presents the Image Playground app running on macOS Sequoia at the company's Worldwide Developers Conference (WWDC) in June 2024.

Over the past year or so, a strange contradiction has emerged in the world of Apple: the company makes some of the best computers in the world, whether you need a simple consumer laptop or a high-powered workstation. Yet Apple’s artificial intelligence (AI) efforts are struggling so much that it’s almost laughable.

Take Siri, for example. Many readers will have heard that Apple has taken the highly unusual (and highly embarrassing) step of publicly admitting the new, AI-backed Siri needs more time in the oven. The new Siri infused with Apple Intelligence just isn’t living up to Apple’s promises.

Read more