A laptop screen shows AI with an arrow pointing to a red password, hinting at why AI generated passwords may not be secure. A green Generate password button and a speech bubble saying, I dont trust it! appear, plus an abstract logo in the corner.

05 Jun AI generated password? Don’t trust with this security essential

Posted at 13:22h in Security by

 

Let me start with a simple question: if you needed a strong password, would you trust an AI-generated password?

It might seem like a sensible idea.

AI tools like ChatGPT and Copilot can write reports, draft emails, and even create code. So asking them for a 16-character password full of symbols and numbers feels like a quick, clever solution.

But it’s worth thinking twice.

Why AI-generated passwords may not be as secure as they appear

Researchers recently put AI tools to the test by asking them to generate secure passwords.

At first glance, the results looked impressive. The passwords were long and included a mix of upper and lower case letters, numbers, and symbols. When checked using online password strength tools, they scored highly. Some even suggested the passwords would take centuries to crack.

However, a deeper analysis told a different story.

The problem with patterns and predictability

AI systems are powered by large language models (LLMs). These models are designed to predict what text should come next, based on patterns they’ve learned during training. That’s what makes them so effective at producing natural-sounding content.

But that strength becomes a weakness when it comes to passwords.

AI isn’t designed to create true randomness, and strong passwords rely heavily on being unpredictable.

When researchers examined multiple AI-generated passwords, they found repeating patterns. Some passwords were duplicated, while others followed very similar formats.

Interestingly, none of the passwords contained repeating characters. While that might sound like a positive feature, true randomness often includes repetition. The absence of it suggests the passwords are following learned rules rather than being genuinely random.

Understanding entropy and why it matters

To properly assess security, researchers looked at entropy — a measure of how unpredictable something is.

The results showed that AI-generated passwords had significantly lower entropy than a truly random 16-character password.

In practical terms, this means they could be easier to crack using brute-force attacks, where attackers rapidly test large numbers of possible combinations.

Why password checkers can be misleading

Most online password strength tools focus on visible complexity. They check for a mix of letters, numbers, and symbols, then assign a score based on that.

What they don’t detect are the hidden patterns that can exist in AI-generated passwords.

So while a password may look secure on the surface, it could still be more predictable than you’d expect.

Even AI tools are warning users

Some newer AI models have started to acknowledge this limitation.

For example, tools like Gemini 3 Pro have issued warnings when asked to generate passwords, advising users not to rely on AI-generated credentials for sensitive accounts.

That, on its own, is a clear sign to proceed with caution.

What you should use instead

If you want properly secure passwords, a password manager with a built-in generator is the safest option.

These tools use cryptographic randomness — in other words, mathematical processes specifically designed to produce unpredictable results.

That’s exactly what strong password security depends on.

The bottom line

AI is a powerful productivity tool and can help businesses work smarter every day.

But when it comes to something as critical as password security, it’s simply not the right tool for the job.

Using the right tools for the right purpose helps keep your systems secure and reliable, giving you peace of mind and allowing you to focus on what matters most — running your business.

 

Concerned about how AI is being used in your business? We’re here to help. Get in touch to discuss the next steps and ensure your business stays secure.

 

At Apogee Solutions, we help local businesses to thrive with IT support that’s proactive, professional, and friendly. Built on a foundation of integrity, we ensure your systems remain reliable and secure, giving you complete peace of mind while being ready to support your growth.