Nowadays the world uses more and more artificial intelligence (AI) based tools in various fields, and as expected, cybercriminals are constantly looking for ways to leverage these new technologies to their advantage. For example, it has been shown that ChatGPT can write extremely effective phishing e-mails, which cut costs significantly and can be implemented on an enormous scale.

According to Cybernews, one of the current questions looming over ordinary everyday internet users, as well as people seeking to break into their accounts, is- can GPT tools be used to crack people’s passwords?

For ChatGPT the current answer is no, although it can be persuaded to provide a list of commonly used passwords. But for good or for worse, there are many other AI tools that can crack a password with little effort, and no morality issues.
This is where PassGAN comes in.

The cybersecurity research company Home Security Heroes ran a list of 15.7 million passwords through an AI tool called PassGAN and found that it could guess any 4–5-character password immediately, and any 6-character password was cracked within four seconds. The company stated that over half of the world’s most commonly used passwords could be cracked within a minute, while two-thirds of the most frequently used passwords are discovered by PassGAN within an hour.

According to Cybenews, PassGAN uses Generative Adversarial Networks (GAN) to autonomously learn the distribution of real passwords from actual password leaks, eliminating the need for manual password analysis.

Furthermore, this is only the first version of this technology, and as AI develops it constantly learns, evolves, and finetunes itself to provide better, more logical guesses. This means that the speedy password-cracking is only going to get faster with time.

As AI is being used more and more commonly, we see it implemented in people’s work, and sadly hacking is also a line of work. Criminal uses of AI technology is something that Geoffrey Hinton, Google’s AI expert is very worried about, so much so that he recently quit the company altogether over concerns about the effects of the AI revolution.

Nevertheless, a sure solution in the meantime against security breaches by humans or AI is to follow best password practices. Some advice is to keep your password long, combine numbers and signs, avoid memorable keyboard paths, and not use anything personal to you.