If you're a fan of chatbots like ChatGPT, Claude, or Gemini, it might seem like a no-brainer to ask the AI to generate passwords for you. You might like how they handle other tasks for you, so it might make sense that something seemingly so high-tech yet accessible could produce secure passwords for your accounts. But LLMs (large language models) are not necessarily good at everything, and creating good passwords just so happens to be among those faults.
The thing is, these results seem good on the surface. They look uncrackable because they're a mix of numbers, letters, and special characters, and password strength identifiers might say they're secure. But these generations are inherently flawed, whether that's because they are repeated results, or come with a recognizable pattern. Researchers evaluated the "entropy" of these passwords, or the measure of unpredictability, with both "character statistics" and "log probabilities." If that all sounds technical, the important thing to note is that the results showed entropies of 27 bits and 20 bits, respectively. Character statistics tests look for entropy of 98 bits, while log probabilities estimates look for 120 bits. You don't need to be an expert in password entropy to know that's a massive gap.
It might seem surprising that a chatbot wouldn't be good at generating random passwords, but it makes sense based on how they work. LLMs are trained to predict the next token, or data point, that should appear in a sequence. In this case, the LLM is trying to choose the characters that make the most sense to appear next, which is the opposite of "random." If the LLM has passwords in its training data, it may incorporate that into its answer. The password it generates makes sense in its "mind," because that's what it's been trained on. It isn't programmed to be random.
It's not hard to make a secure password
But you don't even need one of these programs to make a secure password. Just pick two or three "uncommon" words, mix a few of the characters up, and presto: You have a random, unique, and secure password. For example, you could take the words "shall," "murk," and "tumble," and combine them into "sH@_llMurktUmbl_e." (Don't use that one, since it's no longer unique.)
Passkeys may be even more secure than passwords
Not all accounts support passkeys, which means they aren't a universal solution right now. You'll likely need passwords for some of your accounts, which means abiding by proper security methods to keep things in order. But replacing some of your passwords with passkeys can be a step up in both security and convenience—and avoids the security pitfalls of asking ChatGPT to make your passwords for you.
Hence then, the article about here s why you should never use ai to generate your passwords was published today ( ) and is available on Live Hacker ( Middle East ) The editorial team at PressBee has edited and verified it, and it may have been modified, fully republished, or quoted. You can read and follow the updates of this news or article from its original source.
Read More Details
Finally We wish PressBee provided you with enough information of ( Here's Why You Should Never Use AI to Generate Your Passwords )
Also on site :