Is Generative AI a Game-changer for Password Security?
The rapid growth of Generative AI (Artificial Intelligence) has huge implications for cybersecurity specialists, who can use it to reduce human error, improve efficiency and spot security issues. But, while these AI tools have many benefits, there have also been many concerns raised with respect to data security.
As the age-old adage goes, any new technology brings its own advantages and disadvantages.
While AI is predominantly used by IT specialists to heighten cybersecurity, malicious actors are using AI, specifically generative AI, to boost their hacking game. To maintain the integrity and security of their data, everyone—from individuals to organizations—must be up to date with today’s rapidly evolving IT security trends.
When cybersecurity infrastructures are compromised, passwords are most often the first line of defense to be breached. As generative AI is advancing in its ability to facilitate identity theft, this only makes it even more important to implement a strong password hygiene routine.
There are several password cracking tools that malicious actors employ to breach security infrastructures, ranging from those that use basic data models to those that use generative adversarial networks (GANs) to crack passwords more quickly and effectively, like PassGAN, a password cracking tool currently making waves on the internet.
Could PassGAN Crack Your Password?
A portmanteau of the word “password” and the acronym “GAN”, PassGAN is a newer kind of tool that uses AI to swiftly crack passwords.
Unlike other password-cracking software which employs straightforward data models and presumptions regarding password patterns, PassGAN has the capacity to evaluate and learn from data to become increasingly intelligent.
According to a Home Security Heroes study, PassGAN could decipher 51% of popular passwords in under a minute; complex passwords take a bit more time, but not much, with 65% deciphered in under an hour, 71% deciphered in under a day, and 81% deciphered in under a month. The study also found that passwords that incorporated both perfect length (more than eight characters) and complexity (special characters) turned out to be the most secure.
Is Your Data in Danger From PassGAN?
It is worth noting that similar password-cracking tools have been doing the rounds since 2017. Despite appearing to employ innovative, password-cracking technology, it is not a ground-breaking tool.
Only when there is a data breach can these tools be used to crack passwords. Hackers do not immediately obtain access to password details the moment a website is compromised; they will only be able to access the passwords’ encrypted “hash,” which is different from accessing accounts directly. Additionally, they would need to compromise a server to access accounts and effectively breach the network.
How Can You Secure Your Data?
Although password free alternatives and biometrics have recently become all the rage, the best way we can defend ourselves and the integrity of our data is by using proper password hygiene.
These tools aren’t devoid of errors of biases, so for now passwords continue to be the primary and easiest method of authentication. Implementing a set of basic security hygiene procedures—such as ensuring and enforcing strict password policies, compliance with NIST and GDPR regulations, incorporating MFA controls, periodic vulnerability scanning and patching of endpoints, changing passwords on a regular basis, and never using the same password—can make a world of a difference.
Comments are closed.