Your password may not be as strong as you think: the artificial intelligence model PassGAN can guess 51% of passwords in less than a minute, 65% in less than 60 minutes, and 71% in just one day. And within a month it can crack 81% of passwords.
A study by Home Security Heroes also found that four-six character passwords are the easiest to guess. Even if they are not only numbers, but also symbols, uppercase and lowercase letters, AI immediately cracks such passwords. It would only take AI about seven hours to crack an eight-digit password containing a variety of letters, symbols and numbers. And it will be able to crack all the mentioned versions and the nine-digit password in two weeks.
PassGAN uses the Rockyou dictionary as input data, which is specially created for guessing passwords and contains 15 million entries. The key to PassGAN's success is said to be that it "autonomously learns real password distributions during real leaks."
As the study showed, the well-known advice of cyber security experts should be followed. A password must be at least 12 characters long, contain uppercase and lowercase letters, numbers, and special characters.
It would take AI about 30,000 years to crack a password that meets all of these criteria. And an 18-character password containing numbers, letters and characters is generally considered unbreakable: it would take AI six quadrillion years to predict it.
You can check how strong your password is on the survey results page. Home Security Heroes claims that the data entered in this field is not stored or transfered anywhere. There is no reason to doubt it, but in any case, it is not worth entering real passwords there.