Study Finds AI Chatbots Repeat Passwords in 50 Tests, Undermining Security
Updated
Updated · ZDNet · Jul 14
Study Finds AI Chatbots Repeat Passwords in 50 Tests, Undermining Security
1 articles · Updated · ZDNet · Jul 14
Summary
Irregular found Claude, ChatGPT and Gemini produced patterned, non-random passwords across 50 generation requests, challenging the idea that chatbots are safe tools for creating credentials.
Claude generated only 30 unique passwords from 50 prompts in one test, with every password starting with a letter, often followed by 7, and one string showing a 36% chance of reappearing.
Those patterns matter because attackers can fold AI-style outputs into dictionary attacks, while truly strong password tools use cryptographically secure pseudorandom number generators to avoid predictable sequences.
The researchers noted better prompting might improve results, but typical users are unlikely to engineer prompts when password managers, dedicated generators and passkeys already offer stronger options.