It’s time to reconsider your password if you believe it to be strong. A recent study from the cybersecurity website demonstrates how fast and conveniently AI Tools can decipher your password. According to statistics, 51% of frequently used passwords can be broken in about a minute.
The security service website utilized PassGAN, a password generator built on a Generative Adversarial Network, for research. Because PassGAN doesn’t rely on manual password analysis, it differs from conventional password generators. Its model, in contrast, uses GAN to create plausible passwords by learning from actual password breaches, as the name suggests. GAN is an ML model that pits two neural networks to improve predictions. The two networks include a discriminator and a generator.
In essence, the generator creates false data in an effort to trick the discriminator. The discriminator’s task is to separate the genuine data from the fictitious data that the generator produces. It turns into a game of cat and mouse where both networks profit from the ongoing conflict. The discriminator grows better at telling the actual data from the false, while the generator keeps becoming better at creating better fake data.
Recent Research
15,680,000 popular passwords from the RockYou dataset were given to PassGAN by an online security website to train the model. The company did not include passwords with more than 18 characters in its trial. RockYou is a company that created widgets for well-known social networking sites like MySpace and Facebook. Because RockYou was keeping data inside an unprotected database, hackers broke into the company’s network in 2009 and stole the data of over 32 million members. The RockYou dataset ultimately gained popularity as a training source for ML models that hack passwords.
Over the years, there have been several data breaches involving victims including Facebook and Yahoo. In order to train password generators like PassGAN, there are many personal datasets available. More data provides the AI Tool with more material to work with.
According to Home Security Heroes research, PassGAN was able to decrypt 51% of popular passwords in just a minute. The harder passwords, however, required the AI to take a little longer to process. For instance, PassGAN achieved success rates of up to 81% in less than a month and cracked 65% in less than an hour.
Most Common Passwords
According to another study, six out of ten Americans use passwords that are 8 to 11 characters long. However, fewer than one-third of people use passwords longer than 12 characters. It makes sense because short, easy-to-remember passwords are more vulnerable to hacking attempts.
PassGAN was able to crack a seven-character password in less than six minutes despite its mix of numbers, upper- and lower-case characters, and symbols. Furthermore, it can decipher a ten-character password made exclusively of lowercase and numeric characters in an hour. But when symbols, numerals, and uppercase letters are included, the decryption process might take up to five years. Hence, it’s not simply important to have a long password; it must also have a difficult pattern in order for the AI Tool cannot swiftly decipher it.
Password Integrity Recommendations
The are some recommendations for Home Security Heroes for preserving the integrity of your passwords. To begin with, make a password with at least 15 characters and a strong pattern that includes at least two upper- and lower-case letters, digits, and symbols.
PassGAN can crack a password of eight or nine characters in around seven or two weeks, respectively. Moreover, ten- or eleven-character passwords would take the AI Tool between five and 365 years to figure out. However, it would take 14 billion years to decrypt a password of 15 characters. Therefore, it’s also crucial to change your password on a regular basis—every three to six months. Avoid using the same password for many accounts as a precaution.
AI is here to stay, and its supporting hardware will become better over time. It is apparent that AI has a lot of advantages for our daily lives. However, there is nothing to stop bad actors from using it for terrible ends, like breaking passwords to steal your data.
