61
LLM-generated passwords 'fundamentally weak,' experts say (www.theregister.com)
submitted 22 hours ago by fox@hexbear.net to c/chapotraphouse@hexbear.net
26 comments fedilink hide all child comments

The way LLMs work is by approaching the most "average" response given any particular input. It's why everything written by an LLM looks similar and always has the same voice.

Anyways, shockingly, the Machine That Generates the Average Output is bad at unique passwords.

Of the 50 returned, only 30 were unique (20 duplicates, 18 of which were the exact same string), and the vast majority started and ended with the same characters.

Imagine that an LLM tries to fit its outputs into a bell curve of potential responses, with each character in the output aimed to be as close to the middle as feasible (with a small randomization factor so it's not always the exact same). A good password's bell curve ought to be a completely flat graph where any character is just as likely to be chosen as any other character.

Use a password manager.

you are viewing a single comment's thread
view the rest of the comments
[-] rattlethatlock42@hexbear.net 40 points 22 hours ago

People ask AI for passwords? Bloody hell.

[-] Evilphd666@hexbear.net 12 points 20 hours ago

monke-beepboop Here I am blindly smashing buttons until it passes the requirements.

[-] chgxvjh@hexbear.net 8 points 19 hours ago

For 10 years my paypal password was sliding my finger over parts of 3 rows of the keyboard. I think I've changed it.

this post was submitted on 18 Feb 2026
61 points (100.0% liked)

Chapotraphouse

14277 readers
688 users here now

Banned? DM Wmill to appeal.

No anti-nautilism posts. See: Eco-fascism Primer

Slop posts go in c/slop. Don't post low-hanging fruit here.

founded 5 years ago
MODERATORS
LENINSGHOSTFACEKILLA@hexbear.net
corgiwithalaptop@hexbear.net
a_little_red_rat@hexbear.net
khizuo@hexbear.net
thelastaxolotl@hexbear.net
CoolerOpposide@hexbear.net