PassGAN is an AI-based password cracking system. How to protect yourself.
With the latest artificial intelligence, PassGAN was capable From 51% of passwords are compromised in less than a minute, with 71% of passwords cracked in less than a day.
This new study shows just how scary the latest generative AI is when it comes to password cracking. Home Security Heroes used the new password cracker PassGAN (password generative adversarial network) to compile a list of over 15,000,000 credentials from the Rockyou dataset, and the results were stunning.
51% of all common passwords were cracked in less than a minute, 65% in less than an hour, 71% in less than a day and 81% in less than a month.
The reason AI makes such a difference in password cracking is that instead of having to manually parse PassGAN against databases of leaked data, PassGAN is able to “learn itself to distribute real passwords from leaks of more effective passwords “.
How to protect yourself from AI?
By making sure you use at least 12 characters or more with both uppercase and lowercase letters and numbers (or even symbols), you make an important difference between instant or quick passwords and those that are difficult to crack.
All the 18-character password that contain both letters and numbers have been found safe from AI cracking for now.
Seeing how powerful AI can be at password cracking is a good reminder to not only make sure you’re using strong passwords, but also to check the security of your accounts:
- Use 2FA/MFA (non-SMS based if possible)
- You do not reuse passwords between accounts
- If possible, use automatically generated passwords
- Update your passwords regularly, especially for sensitive accounts
- Refrain from using public WiFi, especially for bank accounts and the like
There is a tool on the Home Security Heroes website with which you can test your passwords against AI. The company claims that whatever you type is not stored or shared, and we have no reason to doubt that. However, to be on the safe side, it’s safer not to enter any of your real passwords: if you want to try the AI password analyzer, enter a random one.