It’s no secret that weak passwords can be easily cracked. But a new experiment conducted by cybersecurity firm Home Security Heroes shows just how quickly an AI-driven tool can crack passwords. Over half of the weak passwords fed to an AI tool called PassGAN were cracked in under a minute, while 65% were cracked in under an hour. The experiment involved PassGAN, a new type of password cracker that uses two neural networks to generate and distinguish between real and fake passwords. The results of the experiment are a wake-up call for anyone who values online security.
PassGAN: A New Breed of Password Cracker
Traditional password cracking tools rely on fixed datasets, but PassGAN is different. It uses two neural networks: one to generate passwords and the other to distinguish between fake passwords and passwords taken from real data breaches. As it’s trained, PassGAN’s generative adaptive network learns to offer more sophisticated password predictions, allowing for faster and more widespread cracking.
The Experiment
Home Security Heroes used PassGAN to crack over 15 million passwords from the 2009 RockYou breach, excluding passwords under four and over 18 characters. Simple passwords with low character counts were cracked instantly, and even more complex passwords could be determined much quicker. An 11-character password could fall immediately if it was simple enough.
Overall, PassGAN was able to crack 51% of common passwords in under a minute, and 65% in under an hour. That’s a worrying statistic for anyone who thinks their passwords are secure.The experiment also showed that even more complex passwords could be cracked given enough time. PassGAN was able to crack 71% of passwords in a day, and 81% in a month.
Read More: Cyber-crimes and cyber security in Pakistan
Home Security Heroes recommends
Based on the findings of the experiment, Home Security Heroes offers some advice that security experts and journalists have been saying for years. Firstly, don’t reuse passwords. Secondly, change your passwords regularly, especially for hacked websites. Finally, use passwords that are at least 15 characters long, with a mix of upper and lower case letters, numbers, and symbols, and don’t follow any obvious patterns.
Perhaps the most important lesson to take away from the experiment is the importance of randomness in passwords. Passwords that were more random and had more characters took much longer to crack. Home Security Heroes says that a password with 18 lower and upper case letters, symbols, and numbers would take 6 quintillion years to guess. A quintillion is one-billion billions, so that’s a six followed by a lot of zeros.
Password Managers & Two-Factor Authentication
One way to ensure that your passwords are strong and secure is to use a password manager. These tools can generate random, unique passwords for each site you use and store them securely. This means that you don’t need to remember multiple passwords, and you can be sure that your passwords are as strong as possible.
Another way to increase your online security is to turn on two-factor authentication wherever you can. This adds an extra layer of security to your accounts and makes it much harder for hackers to gain access to your data.
Read More: Artificial Intelligence and future warfare
The Future of Password Cracking
It’s important to remember that PassGAN is just one example of how AI can be used to crack passwords. As AI models continue to learn and evolve, it’s possible that password cracking tools will become even more sophisticated. Biometric authentication methods (fingerprint and facial recognition and quantum cryptography (uses quantum mechanics to create secure communication channels) offer promising solutions for secure authentication. These technologies eliminate the need for passwords and provide a more secure way to authenticate users.
The experiment run by Home Security Heroes highlights the alarming ease with which artificial intelligence-driven password cracking tools can hack weak passwords. The findings emphasise the importance of using strong and complex passwords to secure our online accounts and sensitive information. With the drastic change in technology it is important to stay vigilant and keep up with the latest security practices to protect your sensitive information from cyber attacks.Â