Wonderful, an AI can crack the most common passwords almost instantly

It might be time to change your password.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Just how strong are your passwords? A recent study finds that an AI password cracker can figure out the most common 4-7 character passwords in a matter of seconds. The scary part is that it includes passwords with upper and lower case letters and numbers. Not even hackers are safe from having their jobs taken by an AI!

Cyber security firmHome Security Heroes(viaTom’s Hardware) fed PassGAN, an AI password cracking tool that leverages a generative adversarial network (GAN), over 15 million common passwords to train the model that could brute force some of the most common passwords in seconds.  The passwords were taken from the RockYou dataset (which included passwords for Myspace and Facebook), which was hacked back in 2009. So it’s training the AI with real passwords people have used, therefore “improving the quality of predicted passwords.”

Home Security Heroes found that PassGAN cracks 51% of common passwords (4-7 characters) in just under a minute, with more challenging passwords (up to 11 characters) in less than a month. A fun little tool on the site lets you type in a password, telling you how long the AI will take to crack it. Though, to be on the safe side, I wouldn’t type your current password in there.

So, I typed in the ‘AbC12345’ only to find out that an AI would take roughly 48 minutes to figure it out. The more extended and more random the character set, the more difficult it is for the AI to predict it. The most common password of 2023 was, according toCybernews,you guessed it, 123456, which would take PassGAN only six minutes to crack.

The AI struggles with passwords more than 12 or more characters long with a mixture of numbers and upper and lower case letters, and a password with 18 characters could take up to 7 billion years to crack. However, the most commonly used passwords are usually eight or fewer characters.

Windows 11 review: What we think of the new OSHow to install Windows 11: Safe and secure installWhat you need to know before upgrading: Things to note before downloading the latest OSWindows 11 TPM requirements: Microsoft’s strict security policy

The researchers recommend using a password with at least 15 characters with at least two upper and lower case letters, as well as tossing in a couple of symbols. Another tip is to avoid using the same password for multiple accounts and changing them every three to six months.

I actually went back and typed in 123456.!!! And it went from six minutes to 356 years, so something is to be said about tossing a couple of symbols into your new password.The staff here at PC Gamer use password managers like LastPass, which keeps all your passwords in one safe place. However, if you want the maximum level of security, we recommend giving ourpassword primera look and protecting yourself.

The biggest gaming news, reviews and hardware deals

Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.

Jorge is a hardware writer from the enchanted lands of New Jersey. When he’s not filling the office with the smell of Pop-Tarts, he’s reviewing all sorts of gaming hardware, from laptops with the latest mobile GPUs to gaming chairs with built-in back massagers. He’s been covering games and tech for over ten years and has written for Dualshockers, WCCFtech, Tom’s Guide, and a bunch of other places on the world wide web.

OpenAI has bought the URL of what used to be an adult video chat website for more than $15,500,000

Meta-funded regulator for AI disinformation on Meta’s platform comes under fire: ‘You are not any sort of check and balance, you are merely a bit of PR spin’

The first PUBG spinoff with real promise is a top-down take on Rainbow Six Siege