Can AI Tools Guess Passwords? Ways to Protect Your Accounts

Updated October 6, 2023

It was simply a matter of sometime after the development of tools powered by artificial intelligence, such as ChatGPT, before AI was used to circumvent password protection.

Only 1 minute or even less time is all it takes for these artificial intelligence apps to actually guess 51% of easy passwords.

If this security breach does take place, the resulting harm could be anything from a small data or personal info theft to a total organizational breakdown.

By creating and maintaining randomized, secure or strong passwords, numerous password management systems can avoid such failures of password security. Although it takes quite some time to know the passwords that are strong or difficult to guess, but it can quickly guess a large number of passwords.

All firms are having constant discussions about cyber security. Yet, information technology departments are rushing to stay ahead of the curve now that artificial intelligence (AI) has invaded chat.

Cybercriminals are attacking password security by utilizing AI advancements. Once passwords have been obtained, hackers can enter the networks of unwary companies and steal sensitive data including bank records and even personally identifiable data.

We’ll go through ways about how popular passwords can be cracked using AI and what individuals can do to strengthen password and protect their accounts.

How Does AI Crack Passwords

Can AI Tools Guess Passwords

While AI tools are possibly revolutionizing business, they also support crooks. Data from Home Security Heroes shows that AI can crack 51% of popular passwords in under a minute. What’s more alarming is that AI can quickly break up to 80 percent of security passwords. AI technologies can also keep come up with some very secure passcodes as they have the ability to learn on their own.

The following unsettling data regarding AI password breaking was found by Home Security Heroes:

  • A password could be easily, immediately cracked if it does not have five characters. This discovery was made using the PassGAN which is an AI password cracker, which analyzed more than 15 million of passwords.
  • In a research, a majority of processed passcodes were guessed in a short period of time, and over fifty percent of all these passwords were actually cracked in under a minute.
  • Irrespective of level of complexity, a passcode that is six characters or has fewer characters can be cracked within just four seconds or even less.
  • PassGAN is actually capable of breaking a password that just contains numerical values in just 10 months or fewer, even if the 18-character passcodes are used.

The following methods for password cracking have been employed by hackers since a very long time; however AI is making their use much more accessible.

  • Brute forcing attacks: Using this technique, machines powered by AI may generate and test various character sequences in an effort to discover the true password. The generation and testing of passwords could be sped up with the right application of techniques for machine learning, and then the algorithms can successfully crack the passwords.
  • Credential Stuffing: People frequently utilize the same passwords—without altering a single letter or symbol—for numerous accounts. As a result, the passwords are simple to remember. AI tools may access your different accounts’ passwords if the password for one of the accounts was involved in a data breach.
  • Dictionary Attacks: AI algorithms are able to decipher patterns in leaked passwords by using huge dictionaries and several lists of widely used phrases, words or passwords. The tools examine patterns and have a higher success rate when attempting to guess the passwords.
  • Data mining: There is a ton of information available online about every one of us. We might have posted it at various points in time, whether for personal or business use. AI programs are capable of searching the internet for certain details about you, gathering and analyzing personal data. If person has used their birth date, names of family members, etc., as a passcode, then this information can easily be exploited to crack your password.

Ways to Protect Accounts and Secure Passwords

The following techniques can be used to protect the accounts and hide passwords from these AI applications.

1. Implement password managers

Both free as well as premium password managers are widely accessible. You may generate safe, unique passcodes by using these password managers and you can even save them for using later and you also don’t need to remember them.

Keep in mind that you have to fully trust the decisions made by the secret words administrator you choose. Avoid choosing enigmatic administrations which offer non practical characteristics.  Select a particular password manager with an excellent record of keeping passwords secure.

2. Use powerful and distinctive passwords

One of the best options for your security from AI attacks is to develop strong, unique passwords. A password must incorporate a complicated enough sequence of capital as well as lowercase letters, numeric values, as well as special characters. The combination of these characters shouldn’t allow the AI to discern any patterns.

Avoid using well-known terms, predictable human instances, and personal information while creating strong and unique passwords. You have to make unique, safe passwords for all the accounts you have.

3. Keeping an eye on data breaches

Data breaches happen frequently because we have so many accounts online with different suppliers of services. They commit a minor error that enables hackers to easily grab personal information and sell these details on the dark site.

In order to protect your personal accounts if the data breach takes place, you must regularly monitor data breaches and assess whether they have any impact on the existing username or your email address.

 You can utilize programs such as  “Have I been pwned,” that are free to use, and easy to find out if the data was impacted by the security breach or not. You need to update the passwords for your accounts that were compromised if your data was exposed.

4. Switch on two-factor authentication (2FA)

 Two-factor authentication adds an additional degree of protection to your password that you have you set for your online account.

A temporary code sent from your phone, a biometric check, a hardware token, or a code generated by 2FA software like Google Authenticator, Authy, etc. are all acceptable forms of two-factor authentication. This technique prevents anyone accessing to your accounts even if they know the password.

5. Activate Google Passkeys

The Passkeys feature has recently been made available to Google’s users. It protects Google and other compatible accounts by utilizing your facial recognition, fingerprint, or by a personal identification number (PIN) specific to the phone or computer that you are using to access your account on.

In the settings of your account specific to the device which is utilized to enable them, passkeys should be manually enabled or activated. This implies that one can connect into their Google account without typing a password if they have enabled a passkey on any if the devices.

 For a single record, you can enable multiple passkeys and protect it by removing the password requirement.

6. Examine the Activity on Your Account

The online accounts we’ve created allow us to monitor the activities we perform on them. This includes information about the devices we utilized, the amount of time we spent using the app and information about logging in or out, etc.

By routinely checking this data, individuals can keep track of account and protect it if any activity is performed that weren’t aware of.

7. Avoid clicking on links that you don’t trust

We receive several letters and emails each day. While the most of them are unfamiliar to us. Firstly you should not open those emails or messages but if you do, don’t ever click on any of the given links if they have nothing to do with you.

Hackers may gather personal information as these links are clicked and opened that they send you. There are many people who experience everyday losses as a consequence of these phishing attacks.


In this era where Artificial Intelligence is taking over human power and can easily breach a person safe space or their privacy, it is really important that we stay protected and take all the measures to keep our personal information protected.

Hope these methods helped you in some way. If you haven’t protected your accounts like this already, don’t waste a second and try these methods to keep your account protected.  


Which AI tool is there for password cracking?

Neural networks are used by PassGAN, which is a machine learning-based Artificial Intelligence password breaker, to reduce the need for manual passcode analysis and guessing or cracking.

Does anyone hack accounts using AI?

Due to its capacity to learn and foresee both the present and the future, an AI is a  potent tool for hackers. Cybercriminals frequently employ AI to break into corporate networks using the following technique: deepfake data generation.

Leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.