If you needed a strong password, would you ask AI to create one for you?
At first glance, it sounds like a smart idea.
Tools like ChatGPT and Copilot can write emails, build reports, and even help with code. So generating a 16-character password full of symbols and numbers seems like an easy win.
But there’s a problem.
Researchers recently tested AI-generated passwords to see how secure they really are. On the surface, they looked strong. Long combinations of uppercase letters, lowercase letters, numbers, and symbols.
Even password strength checkers gave them high scores.
But once researchers looked closer, the results told a different story.
AI tools are built on large language models, which are designed to predict patterns in text. They’re great at creating content that looks natural and convincing.
What they’re not built for is true randomness.
And that matters because strong passwords depend on randomness.
When researchers analyzed AI-generated passwords, they found repeating structures and predictable patterns. Some passwords were even duplicates.
One surprising detail. None of the passwords contained repeating characters.
That may sound secure, but real randomness often includes repetition. The lack of it suggests the AI was following learned patterns instead of generating truly unpredictable results.
Researchers also measured the passwords’ “entropy,” which is basically how unpredictable a password is.
The AI-generated passwords scored much lower than a truly random 16-character password should.
In other words, they may be easier for attackers to crack than they appear.
Most online password checkers miss this because they only measure visible complexity. They see symbols, numbers, and mixed-case letters and assume the password is secure.
They don’t detect hidden patterns.
Even newer AI models have started warning users not to rely on AI-generated passwords for sensitive accounts.
Here in Richmond and across Central Virginia, we see a lot of businesses leaning into AI tools to save time and work more efficiently. That’s a good thing. But security basics still matter, and passwords are one area where the old-fashioned approach is still the safer one.
The better option?
Use a password manager with a built-in password generator. These tools use cryptographic randomness specifically designed to create secure, unpredictable passwords.
AI is great for productivity. But when it comes to protecting your business, this is one shortcut worth avoiding.
Are your employees still creating passwords manually? It may be time to review your password security strategy.
Share this post
