Bỏ qua đến nội dung chính
Back to home
AI Tech tools-ai 2 min read

The security risks of letting an AI chatbot generate passwords for you 🔐

A new study warns that using AI chatbots to generate passwords creates predictable strings that are easy to crack due to a lack of true randomness.

Tier 2 · sources 99% confidence Reviewed
Sources zdnet.com

Many tech users today tend to use AI chatbots to generate random passwords to secure their accounts. However, a newly published study has issued a stern warning that AI-generated passwords are actually far less secure than we might think. Relying on artificial intelligence for this security task could inadvertently open the door for cyberattacks to occur more easily.

Detailed Developments

According to a report from ZDNet, security researchers conducted tests on the ability of popular large language models today to generate random character strings. The results showed that instead of creating highly chaotic and unpredictable strings, AI chatbots tend to repeat certain mathematical and linguistic patterns. This makes passwords generated by AI much easier to crack by specialized password-cracking tools in a shorter time compared to truly random passwords.

Technical & Technology Analysis

The nature of AI models (LLMs) is to operate based on probabilities and pre-trained data. When asked to generate a random string, the AI's algorithm is still influenced by probability distributions from the training dataset, leading to a lack of "entropy randomness" (true randomness). Certain characters, words, or numerical structures still appear with higher frequency than usual. In contrast, traditional password managers use cryptographically secure pseudorandom number generators (CSPRNG) to ensure that every character has an entirely independent probability of appearing.

Expert Opinions & Assessments

Cybersecurity experts advise users absolutely not to trust the password generation capabilities of commercial chatbots. Artificial intelligence is designed to produce logical and human-readable text, which is completely contrary to the principle of a strong password—it must be extremely chaotic and patternless. The market already has plenty of specialized and safer password management tools to handle this role.

Impact & Future

This study serves as a wake-up call for the Vietnamese tech community, where the adoption rate of AI for daily tasks is rising rapidly. In the future, as hackers' AI-driven attack techniques become increasingly sophisticated, understanding the limitations of AI in security is extremely crucial. Readers should return to traditional password generation methods or use built-in password managers on operating systems instead of fully relying on chatbots.