Artificial Intelligence (AI) technology has revolutionized the way we live, work, and interact with one another. However, as with any powerful tool, AI also has a dark side that can be exploited if misused. The latest example of this dark side was revealed when it was discovered that AI can be used to hack passwords in a matter of seconds.
This information was revealed in a study conducted by cybersecurity firm Home Security Heroes earlier this year. The study aimed to analyze password hacking using an AI-based tool called PassGAN (Password Generative Adversarial Network). With this tool, the firm analyzed over 15 million passwords taken from a range of data breaches that occurred at various social media companies, such as MySpace and Facebook.
The study found that PassGAN could instantly hack passwords with six characters. If the password contained symbols, PassGAN needed at least four seconds to crack it. Furthermore, the AI-based tool was able to hack passwords with seven characters directly. It took 22 seconds to hack passwords that included a combination of lower and uppercase letters. As seen in the illustration above, PassGAN began to struggle when attempting to crack passwords that exceeded 12 characters with a combination of numbers, symbols, upper and lowercase letters. Such combinations were claimed to require 30,000 years to crack. If users want to be completely secure, they can try an 18-character password that includes all of the aforementioned combinations. AI would need to "rack its brains" for 6 quintillion years to break into an account protected by such a code.
The Home Security Heroes study also showed that as many as 51% of commonly used passwords could be hacked in under a minute. Additionally, 65% of commonly used passwords could be hacked in under an hour, and 71% could be hacked in under a day. Furthermore, 81% of passwords could be hacked in under a month.
PassGAN was able to hack passwords with such ease because of its ability to independently learn the original distribution of passwords from existing data breaches. This is much more efficient than relying on human labor to perform manual analysis.
How to Avoid Hacking
According to Home Security Heroes, there are three strategies that users can implement to avoid AI-based hacking. First, users need to choose a 15-character password that contains at least two lowercase or uppercase letters, two numbers, and two symbols. Avoid using easily understandable sentence patterns. Second, users should schedule password changes every three to six months. Make sure that the password is only known to the user. Finally, users are advised not to use the same password for every account. Hacking of one account can have an impact on all user accounts. To simplify, users can choose a consistent password format, as long as each password has its own uniqueness, as noted from the official Home Security Heroes website. For example, users can use the password "5711@FB_FaceBookIsLocked" for Facebook and "1286_IG@IGIsLocked" for Instagram. Both passwords have consistent formats, consisting of lowercase letters, uppercase letters, numbers, and symbols.
In conclusion, while AI technology has immense potential, it also has a dark side that can be exploited for nefarious purposes. It is important for users to be vigilant about their password security, regularly changing their passwords, and avoiding using the same password across multiple accounts. By following these strategies, users can protect themselves from the threat of AI-based hacking.
