You might be terrified of this new invention, where an AI crack your password within minutes but it is happening and has real-world consequences!
Home Security Heroes, which is a group of online security experts had come up with the unimaginable news of an AI being able to crack the passwords in less than a minute. The cybersecurity group did a study on the AI password cracker PassGAN, with 15,680,000 passwords. And the shocking study revealed that the same AI could breach over 51 percent of passwords in not more than 60 seconds.
Moreover, PassGAN can crack 51 percent of passwords in less than 60 seconds, 65 percent of passwords in less than an hour, and 81 percent of passwords within just 30 days.
What type of password would be safe from PassGAN?
According to the website of Home Security Heroes, passwords with less than 18 characters are generally safe against PassGAN. This is where the AI password cracker would face difficulties as it would take around 10 months to crack number-only passwords. Also, if you are using a password with symbols, numbers, lower case letters, and upper case letters the AI password cracker would take 6 quintillion years to crack such a password.
It is said that the Artificial Intelligence password cracker would be able to crack only easy-to-predict and generic passwords within the span of a minute. The AI can anytime guess small passwords with fewer character lengths. Here, we would suggest not having passwords with your date of birth or avoiding using passwords having your name.
PassGAN usually takes a longer duration to predict passwords with a combination of characters. A password with a character count of around 20 and with a combination of symbols, and letters in upper case & lower case as well as numbers would trick the AI cracker and have your password safe for at least 10 months.
While it takes only six minutes or less to crack any kind of password having just 7 characters, even if it contains symbols.
A company called Tom’s Hardware noted that six out of 10 Americans have password characters that range between eight to at least eleven characters. Here is a password with 11 characters, having uppercase and lowercase letters, and numbers, as well as the symbols from your keyboard, can have your password safe for at least 356 years. So the best way to have yourself saved from PassGAN is to not go for less unique passwords.
What is PassGAN?
The whole word ‘PassGAN’ is a mixture and an acronym of “Password” and “Generative Adversarial Network.” This means autonomously learning about the distribution of real passwords from actual password leaks, eliminating the need for manual password analysis.
This AI has made password cracking easier and faster. The efficient password cracker AI has now become a serious threat existing in this world and is creating concern in terms of online security.
PassGAN can generate a number of password properties and at the same time even improve the quality of the predicted passwords. This learning process of PassGAN is now a serious issue when it comes to online security.
PassGAN is now an easy tool for cybercriminals to obtain and have their passwords cracked. This can now give them easy access to your personal data.
How does PassGAN work?
A password guessing tool usually works on simple data-driven techniques. They go through the data models which run manual password analyses. And, in addition, the tools then make further assumptions on how a password pattern would go forward.
Here, having a password guessed using such strategies is relatively efficient. Also, when the passwords are long and have complex patterns in them, these tools go incapable of cracking a password. Such passwords would even make them slow.
But this is not the case with PassGAN. PassGAN at its core works with Neural Networks. Neural Networks are systems that train machines to interpret as well analyze data similar to a human mind. PassGANs neural network is designed to have a record of a variety of properties and structures.
This technology continually trains using the RockYou dataset, a group of data that is used to train the intelligent system about password analysis. PassGAN has trained itself with such abilities, and with that, it was also is able to leverage the acquired knowledge and has created a new simple step to crack the passwords.
How to Protect Yourself Against PassGAN?
As we have mentioned in the article previously, there are a few steps that you can follow to have your password protected, like not having a very less unique password. We are also mentioning a few more steps and a table which will help you understand what amount of time does the AI password cracker takes to have your password cracked.
What measures can you take to be safe from PassGAN?
- Avoid going for predictable or even generic passwords.
- Do not go for a password that has only a number in it.
- Passwords should contain at least 15 characters with a mix of symbols, numbers, and alphabets.
- Try going for a 20 character password
- Try using lowercase as well as uppercase letters in your passwords.
- Save your passwords in a password manager
- Try to have at least 2 letters, upper and lower-case type, numbers, as well as symbols in your password
- Change your passwords every six months
- Do not use one common password for all your accounts.
- You should go for strong password patterns, as the password strength is the only thing that makes the difference between a strong and a weak or let’s just say an easy to hack password.
- According to the study by Home Security Heroes, a ten-letter password having only lowercase letters took an hour to get hacked. While on the other hand, a ten-letter mixed case password took four weeks.
- Now talking about the ten-character password, which had letters, symbols as well as numbers showed an ETA of up to five years.
- You should also keep a track, if your password is being used by someone else, with two factors authentication process. If at all you doubt that someone else has an access to your account or if you have unknowingly shared your password with someone, you should immediately change your password.
- One thing we would suggest, to have your accounts protected is to avoid having the same password on all your accounts. This could create a very risky scenario as, if at all your one password is breached, the cracker or the hacker can then have access to all of your accounts.
- Ensure one thing you have a separate and new password ready for all your separate accounts.
- The format of the password can be consistent but you should make a few changes to it.
More about Password Guessing Tools
Password guessing tools such as HashCat and John the Ripper lets users have access to billions of passwords within a span of just a second. Also, these tools can expand their password dictionaries by using their password generation rules database. These rules revolve around the concatenation of words. Concatenation of words means the interconnection of words.
The password crackers guess and work on words with the leet speak technique. Here, in such a technique, the word “password” becomes “p4s5w0rd.”
These crackers were recently introduced with PassGAN to make them autonomously learn the distribution of real passwords and datasets. These password crackers were then able to surpass their previous learning process.
Also on the other hand, PassGAN achieved the same results without having any prior knowledge of any password security breach or even common password structure.
When the password cracker Hashcat was combined with PassGAN, HashCat was able to match 51% to 73% more passwords than usual. This was a shocking eye-opener as PassGAN could autonomously extract a considerable amount of password properties.
Password Manager Tool You Need 👉 Dashlane Review: #1 Premium Password Manager Solution
FAQs on Can AI Crack Your Password & PassGAN
How often should one change a password?
To have yourself protected against the PassGAN, one should change a password at least every 3 to 6 months.
What pattern should one avoid to be safe from PassGAN?
Avoid names, date of birth, and other commonly used names in your day-to-day life.
Is PassGAN just hype?
Although, you should be careful of what such password crackers can do, In an Ars Technica review, the Editor Dan Goodin said that PassGAN was “mostly hype.”
Conclusion: Should one be scared of PassGAN?
AI is getting a hold over the world slowly, and now that we are introduced to an AI that can easily crack a password, it feels a bit threatening. But as of now, we can say that the PassGAN AI password cracker is still in its beta phase, which makes it a bit easy situation for everyone.
But the suggestion we shared with you, to have your passwords protected and make them strong is to be followed if you wish to have your accounts and IDs protected. PassGAN or no PassGAN you should stick to these password protection rules to have control over your security. You should use the password managers and also do not have the same password at all for all of your separate accounts.