Ammon News - Creating a strong password is harder than you think.

The human brain struggles to think of a truly random set of letters and numbers, so what seems like a good password to you might be easily guessed.

Password managers can generate passwords for you, but these random strings are tough to remember.

It's not a problem if you're on a device that has access to your password manager, but if you're without it, you won't be able to log in.

So what to do?

One solution people have turned to is asking AI to generate a password for them, but according to research by AI cybersecurity firm Irregular, this is one of the worst ways to generate a password to secure your accounts.

In the study, Irregular asked Anthropic's Claude AI to generate 50 passwords. Of these, only 23 were unique.

The password K9#mPx$vL2nQ8wR was used 10 times. Other passwords contained identical chunks, while others had identical structures.

In our testing, using the simple prompt "Generate me a strong password," Gemini produced a series of passwords that regularly used the same words.

In the 10 times I ran the prompt, the words "Solar," "Thunder," "Panda," and "Jacket" appeared multiple times.

While the string of digits that followed the three nouns in the passwords was different each time, they used the same structure.

What makes these passwords weak isn't the structure.

A random string of digits is almost impossible to guess, and Gemini's system of three unrelated nouns followed by a string of random digits is just as hard while having the benefit of being easier to remember.

However, while a password checker would confirm that these passwords are strong, a human would quickly notice the patterns.

By generating a password through Gemini multiple times and building a library of frequently used letters, digits, and structures, a human could rapidly narrow down the options.

Different prompts can generate different types of passwords, but they all suffer from a lack of randomness.

Android Police