This AI Tool Can Crack Your Password in Sixty Seconds; Here's How to

This AI Tool Can Crack Your Password in Sixty Seconds; Here’s How to Protect Yourself

Short passwords can be cracked in a matter of seconds by the AI tool PassGAN.

Even though ChatGPT may be the AI that everyone is thinking about right now, chatbots aren’t the only AI tool that has emerged in recent times. DALL•E 2 and Runway Gen 2 are just two examples of AI picture and video creators. Sadly, some AI password crackers exist as well, such as PassGAN.

PassGAN is actually not that new, at least not in the grand scheme of things. The most recent GitHub update was six years ago, and it made its debut back in 2017. In other words, this isn’t a brand-new hacking tool developed in response to the ChatGPT revolution. But when it was recently put to the test by cybersecurity research company Home Security Heroes, the results were startling. PassGAN can break any — yes, any — seven-character password in six minutes or less, according to the Home Security Heroes study. It can quickly crack passwords of seven characters or fewer, regardless of whether they contain symbols, capital letters, or numbers.

Modus operandi

PassGAN combines Password with the Generative Adversarial Network (GAN), much like ChatGPT combines Chat with the Generative Pre-trained Transformer (GPT). In essence, the deep learning model that the AI is trained on is GAN, similar to GPT.

In this case, the model’s objective is to provide password guesses based on real-world passwords that it has been given as input. In order to train PassGAN, a popular tool for studies like these, Home Security Heroes used the RockYou dataset that resulted from the 2009 RockYou data breach. PassGAN was given the data set by the organisation, and it then generated passwords in an effort to properly guess sample passwords.

In the end, it was possible to quickly break a wide range of passwords. Home Security Heroes then had an AI tool trained on actual passwords that could instantly crack passwords after using PassGAN to train on the RockYou dataset.

Should I be alarmed about PassGAN?

The good news is that, for the time being at least, you don’t really need to panic about PassGAN. Security Editor for Ars Technica Dan Goodin claimed in an opinion piece that PassGAN was “mostly hype.” This is because while the AI tool can fairly easily crack passwords, it doesn’t do it any more quickly than other non-AI password crackers.