[ad_1]
Have you ever asked an AI for a password?
When you do, it quickly generates one, telling you confidently that the output is strong.
In reality, it’s anything but, according to research shared exclusively with Sky News by AI cybersecurity firm Irregular.
The research, which has been verified by Sky News, found that all three major models – ChatGPT, Claude, and Gemini – produced highly predictable passwords, leading Irregular co-founder Dan Lahav to make a plea about using AI to make them.
“You should definitely not do that,” he told Sky News. “And if you’ve done that, you should change your password immediately. And we don’t think it’s known enough that this is a problem.”
Predictable patterns are the enemy of good cybersecurity, because they mean passwords can be guessed by automated tools used by cybercriminals.
But because large language models (LLMs) do not actually generate passwords randomly and instead derive results based on patterns in their training data, they are not actually creating a strong password, only something that looks like a strong password – an impression of strength which is in fact highly predictable.
Some AI-made passwords need mathematical analysis to reveal their weakness, but many are so regular that they are clearly visible to the naked eye.
A sample of 50 passwords generated by Irregular using Anthropic’s Claude AI, for instance, produced only 23 unique passwords. One password – K9#mPx$vL2nQ8wR – was used 10 times. Others included K9#mP2$vL5nQ8@xR, K9$mP2vL#nX5qR@j and K9$mPx2vL#nQ8wFs.
When Sky News tested Claude to check Irregular’s research, the first password it spat out was K9#mPx@4vLp2Qn8R.
[ad_2]

