Skip to main content

AI can probably crack your password in seconds

We can now add easily cracking passwords in a matter of seconds to the list of things that AI can do.

Cybersecurity firm Home Security Heroes recently published a study uncovering how AI tools analyze passwords and then use that data to crack the most common passwords used on the web.

Recommended Videos

Using the PassGAN tool, the firm was able to figure out common four- to seven-character passwords in seconds. It also didn’t matter if there was variation in uppercase and lowercase letters or if numbers were included. The shorter and more simple passwords were easier for the tool to crack.

PassGAN uses the latest Generative Adversarial Network (GAN) machine learning model that has been fed over 15 million common passwords. These passwords have been derived from the RockYou data set, which has collected information from popular breaches of companies such as MySpace and Facebook. The RockYou data set has become a commonplace source for machine learning password-cracking models, according to Tom’s Hardware.

PassGAN was able to crack passwords with up to six characters instantly until symbols were included — for those, it took at least four seconds. The tool was able to crack passwords with up to seven characters instantly until they included uppercase and lowercase letters; then it took at least 22 seconds.

Overall, the study determined that passwords longer than 12 characters with a combination of uppercase and lowercase letters, numbers, and symbols were the most challenging to crack. For example, a 15-character password with such a mix would take 14 billion years for AI to crack, according to PassGAN.

However, in common practice, most users are still very much at risk for a password breach. Home Security Heroes notes that for most of the common passwords, at least 51% of those tested were cracked in less than a minute. Many that are more challenging can still be figured out with time; 65% of common passwords can be cracked in less than an hour, 71% in less than a day, and 81% in less than a month.

Tom’s Hardware noted via Statista that six out of 10 Americans have a password between eight to 11 characters. While an 11-character password with uppercase and lowercase letters, numbers, and symbols can put you in the safe zone of 356 years to crack, many users might still be at risk with shorter, less unique passwords.

Users should keep in mind common password safety practices such as not keeping the same passwords for multiple accounts, changing passwords regularly, and using trusted password managers.

Fionna Agomuoh
Fionna Agomuoh is a Computing Writer at Digital Trends. She covers a range of topics in the computing space, including…
Google’s AI can now tell you what to do with your life
Career dreamer results

Got a degree and no idea what to do with it? Google's newest AI feature can help. The company announced on Wednesday the release of Career Dreamer, an AI tool that can recommend careers that best suit you based on your experience, education, skills, and interests.

Grow with Google | Career Dreamer

Read more
Acer’s new gaming laptops with AI power won’t hurt your pockets
acers new gaming laptops with ai power wont hurt your pockets

Acer has introduced two new gaming laptops outfitted with the latest chips to enable AI features. The Acer Predator Helios Neo 16 AI and Helios Neo 18 AI were announced at a recent Counter-Strike gaming tournament in Poland, according to Engadget.

The laptops can run processors up to Intel Core Ultra 9 275HX processor and the NVIDIA GeForce RTX 5070 Ti Laptop GPU, which facilitates their AI features. Acer said it intends for the Helios Neo 16 model to be a portable gaming option, and the Helios Neo 18 to be good for replacing a desktop computer.

Read more
Adobe’s new AI assistant will finally demystify your phone contract
The Galaxy S24 Ultra and Galaxy S25 Ultra next to each other

Adobe announced a new multimodal capability for its Acrobat AI Assistant that can analyze legal documents to "demystify complex language, summarize key terms and identify differences across multiple contracts," all with a single click. It's called, unsurprisingly, Contracts AI.

Contracts is capable of interpreting both digital and scanned documents, automatically identifying contracts as such. The system then "tailors the experience, generating a contract overview, surfacing key terms in a single click ... and recommending questions specific to customers’ documents," according to the announcement post.

Read more