InfoSecBulletin Cybersecurity for mankind
A new study by a cybersecurity firm has revealed that most commonly used passwords are vulnerable to artificial intelligence (AI) tools and can be cracked almost instantly.
AI chatbots like ChatGPT have made it easier to perform tasks just by sending prompts. However, it seems these large tools are also very good at creating fresh cybersecurity concerns.
Hacker claim to breach Link3; 189,000 Users data up for sale
Check Point Hosts “Securing the Hyperconnected World in the AI Era” in Dhaka
Microsoft Confirms 900+ XSS Vulns Found in IT Services
Daily Security Update Dated : 15.09.2025
IBM QRadar SIEM Vuln Let Attackers Perform Unauthorized Actions
Major Australian Banks using Army of AI Bots to Scam Scammers
F5 to acquire CalypsoAI for $180M for Advanced AI Security Capabilities
AI Pentesting Tool ‘Villager’ Merges Kali Linux with DeepSeek AI for Automated Attacks
CVE-2025-21043
Samsung Patched Critical Zero-Day Flaw Exploited in Android Attacks
Albania appoints world’s first AI minister, “Diella” to Tackle Corruption
According to a report by Home Security Heroes, a cybersecurity company, AI can easily crack most commonly used passwords and thus pose a huge threat to people who do not bother with more intricate combinations.
For an experiment, the firm used an AI-powered password cracker, dubbed PassGAN – a shortened version of the words “Password” and “Generative Adversarial Networks” (GAN).
In all, more than 15 million commonly used passwords were checked, and the results are disturbing – though not entirely surprising.
The study has revealed that a shocking 51% of common passwords can be cracked in under a minute. This means over half of common passwords are completely insecure. Besides, 61% of passwords can be cracked in under an hour, 71% in a day, and 81% in a month.
Passwords with up to seven characters can be cracked in under six minutes, even if they incorporate symbols. A password with six characters – including those that use combinations of numbers, upper and lowercase letters, and symbols – can be cracked instantly.
So what’s safe? As per the study, passwords with more than 18 characters are ideal against AI tools – even if only numbers are used. But if you use a password this long and include numbers, lower and uppercase letters, and symbols, it would take the AI tool six quintillion (six billion billion) years to crack it.
PassGAN is a deep-learning tool for password guessing, developed by Stevens Institute of Technology in New Jersey, and the New York Institute of Technology, in 2017.
Researchers first trained a GAN to rapidly learn all the most common human password strategies – dictionary words, numerical sequences, and the like – from databases of tens of millions of known, leaked, common and complex passwords, and simple variations of them. Cybernews also has a database of suchlike available.
Researchers then took the project a notch higher, freeing up the network to create its own rules and patterns, if it so chose, from that training data.
That’s precisely what the AI did, autonomously learning the distribution of real passwords from actual leaks – thus eliminating the need for manual password analysis.
Despite security experts recommending strong and unique passwords, along with two-factor authentication and password managers, people continue using weak codes that even a novice cybercriminal could hack in a couple of moments. Never mind a dedicated AI program.
