A recent study conducted by Home Security Heroes, a cybersecurity company, has revealed that even if you think you have a strong password, it may not be enough to protect your online accounts. According to their research, 51% of commonly used passwords can be easily cracked by artificial intelligence (AI) in less than a minute.
The researchers used a password generator called PassGAN, which is based on a machine learning technique called Generative Adversarial Network (GAN). Unlike other password generators that rely on manual analysis, PassGAN learns from real password leaks to generate passwords that are more realistic and commonly used. GAN is a type of machine learning model that consists of two neural networks - a generator and a discriminator - that compete against each other to improve their accuracy.
The generator creates fake data to deceive the discriminator, whose job is to differentiate between the real and fake data. This competition between the networks drives them to constantly improve, resulting in more realistic fake data and a more accurate discriminator. In essence, the PassGAN password generator uses this cat-and-mouse game to create passwords that are difficult to crack, making it clear that using strong, unique passwords is essential for protecting online accounts.
Home Security Heroes utilized the RockYou dataset of 15,680,000 commonly used passwords to train PassGAN. Excluding passwords shorter than four and longer than 18 characters, the AI-based password generator cracked 51% of the passwords in under a minute. PassGAN took longer to crack more complex passwords, with up to 81% being decrypted in less than a month. The prevalence of short passwords in the general population, with six out of ten Americans having passwords between eight to 11 characters, makes them more susceptible to attacks.
Creating a strong password with at least 15 characters that combines upper- and lower-case letters, numbers, and symbols is recommended. PassGAN can crack eight to 11-character passwords in seven hours to two weeks, even if you follow best practices. In contrast, a 15-character password can take up to 14 billion years to decode. Changing passwords periodically and avoiding reusing passwords across multiple accounts are also essential.
While AI brings many benefits to our daily lives, malicious actors can leverage it to crack passwords and steal sensitive data. As AI hardware improves, it is crucial to ensure that robust security measures are in place to protect our online accounts.
© Copyright 2023. All Rights Reserved Powered by Vygr Media.