The exponential growth of artificial intelligence (AI) and its powerful presence in chatbots like ChatGPT and Gemini have brought about astonishing benefits for humanity. However, alongside these positive applications, AI also poses significant threats when misused for malicious purposes. One of the foremost dangers today is the exploitation of AI by hackers to accelerate and enhance password cracking for users’ critical online accounts, including email, social media, and even banking.
Familiar and easy-to-remember passwords are highly vulnerable to hacker attacks.
The AI Threat in Password Cracking
Research conducted by Home Security Heroes, a cybersecurity firm, has unveiled the frightening capabilities of AI in password cracking. By employing an AI-integrated password-cracking software named PassGAN and testing it against a vast database of 15 million passwords, the experts uncovered alarming results. PassGAN successfully cracked 51% of common passwords within just a minute, and even seemingly complex passwords could only withstand a few hours or days against this AI tool.
Supporting this, a study by IT company Hive Systems revealed that experienced hackers take an average of 37 seconds to crack a basic 8-character password. This highlights the critical importance of password length and complexity in thwarting hacking attempts.
Hackers can crack an 8-digit password in approximately 37 seconds.
The study also found that passwords with 6 characters or fewer are almost instantly cracked by PassGAN, while only those with 18 or more characters are considered secure against advanced AI-integrated password-cracking tools. This indicates that traditional password creation methods, focusing on memorability and modest length, are no longer effective in the AI era.
Creating Secure Passwords in the AI Era
To safeguard your online accounts from the threat of AI-powered, high-speed password-cracking tools, follow these expert-recommended measures for stronger password security:
Increase Length and Complexity: Opt for passwords with a minimum length of 12 characters. Ensure a mix of uppercase and lowercase letters, numbers, and special characters (e.g., !, @, #, *). The longer and more diverse your password, the exponentially harder it becomes for automated cracking tools to guess, significantly reducing the risk of being hacked.
Unique Passwords for Each Account: This is the golden rule of password security. Never reuse a password across different online accounts (email, banking, social media, shopping, etc.). If one account is compromised, unique passwords will prevent hackers from accessing your other accounts.
Use a unique password for each online account to ensure maximum security.
Avoid Guessable Passwords and Utilize Tools: Steer clear of easily guessable passwords linked to personal information (names, birthdates, pet names, etc.) or simple sequences (123456, abcdef…). Instead, leverage password generator tools to create truly random, complex, and lengthy passwords. As remembering dozens or even hundreds of such passwords is impractical, rely on reputable password manager software. These tools securely store all your passwords once you log in with a single master password. Several trusted password manager apps are readily available from leading cybersecurity companies.
