AI-generated passwords are fundamentally insecure despite appearing complex and passing standard strength meters. Research from cybersecurity firm Irregular and independent analysis from Kaspersky, released in February 2025, reveals that every frontier large language model generates structurally predictable passwords that standard entropy meters catastrophically overrate.
Key Takeaways
- AI models like ChatGPT, Claude, and Gemini generate highly predictable passwords, not truly random ones.
- Claude produced only 23 unique passwords from 50 prompts, with one string repeating 10 times.
- AI-generated passwords pass strength checks but fail entropy validation due to LLM design flaws.
- Dictionary attacks can easily incorporate AI-generated credentials into automated cracking tools.
- Cryptographic random generators and passkeys are more secure alternatives to AI password generation.
Why LLMs Cannot Generate Secure Passwords
The core problem is architectural. Large language models work by predicting the most likely next token, which is the exact opposite of what secure password generation requires: uniform, unpredictable randomness. This is not a flaw in specific models but a consequence of how all language models generate text, making the issue consistent across vendors and platforms. When Irregular tested Claude, 50 prompts produced only 23 unique passwords, with one string appearing 10 times. In more recent research on Claude Opus 4.6, only 30 distinct strings emerged from 50 independent password generation attempts, with one sequence recurring 18 times—a 36 percent repetition rate. Under a genuinely uniform distribution over a 94-character printable ASCII alphabet, the probability of any specific 16-character sequence appearing twice in 50 draws is vanishingly small.
The false security appearance compounds the risk. AI-generated passwords satisfy superficial heuristics—adequate length, case heterogeneity, numerical and symbolic characters, absence of dictionary fragments—and pass standard strength checks despite being predictable. Password-strength meters and policy engines evaluate length and character variety but do not detect nonuniform randomness. This gap between apparent complexity and actual entropy creates a dangerous blind spot.
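The two claims above can be made concrete. The following Python is an added example, not code from the article or from Irregular or Kaspersky: it runs a typical length-plus-character-class strength check over a constructed batch of 50 invented strings with the same shape as the reported result (23 distinct values, one repeated 10 times), and computes the birthday-bound probability that a uniform generator over 94 printable characters would produce even one repeat among 50 draws of 16 characters. The batch strings, the 94-character alphabet and the 16-character length are assumptions of the example.

```python
import math
import re
from collections import Counter

# Constructed batch reproducing the shape of the reported finding: 50 "generated" strings
# with only 23 distinct values, one of them appearing 10 times. The strings themselves are
# invented for this example; they are not output of any model.
CONSTRUCTED_BATCH = (
    ["Xk9#mP2$vL7@qR4!"] * 10
    + ["Tz5&nW8*bH3%yJ6^"] * 6
    + ["Qa1!sD4$fG7%hK0&"] * 4
    + ["Mn2@cV5#xZ8&lO3*"] * 4
    + ["Pb4$rT7!uY9@iE2#"] * 3
    + ["Wd6^gJ1%kL4&zX8!"] * 2
    + ["Ef3*hN6@jM9$oS2^"] * 2
    + ["Rg7!iQ0#pA3%tC6&"] * 2
    + ["Vh8@kU3$wB6*nF1%"] * 2
    + ["Yj0#lI5&qD8!mH4$"] * 2
    + [f"Ab{i}!cD{i + 1}$eF{i + 2}%gH{i + 3}&" for i in range(13)]  # 13 singletons
)


def naive_strength_check(pw: str, min_len: int = 12) -> bool:
    """What a typical policy engine checks: length plus presence of four character classes.
    It says nothing about how the string was chosen, so a repeated string passes as easily
    as a fresh one."""
    return (
        len(pw) >= min_len
        and re.search(r"[a-z]", pw) is not None
        and re.search(r"[A-Z]", pw) is not None
        and re.search(r"[0-9]", pw) is not None
        and re.search(r"[^A-Za-z0-9]", pw) is not None
    )


def collision_probability(n_draws: int, alphabet_size: int = 94, length: int = 16) -> float:
    """Birthday-bound probability that n uniform draws from alphabet_size**length strings
    contain at least one repeat: 1 - exp(-n(n-1) / 2N). expm1 keeps the tiny result from
    rounding to exactly 0.0."""
    space = alphabet_size ** length
    return -math.expm1(-n_draws * (n_draws - 1) / (2.0 * space))


def batch_summary(batch: list[str]) -> dict:
    """Uniqueness statistics a meter never computes, alongside the meter's verdict."""
    counts = Counter(batch)
    _, top = counts.most_common(1)[0]
    return {
        "draws": len(batch),
        "unique": len(counts),
        "max_repeat": top,
        "repeat_rate": top / len(batch),  # "repetition rate": most frequent string / draws
        "all_pass_meter": all(naive_strength_check(p) for p in batch),
    }


if __name__ == "__main__":
    s = batch_summary(CONSTRUCTED_BATCH)
    print(f"{s['draws']} draws, {s['unique']} unique, top string x{s['max_repeat']} "
          f"({s['repeat_rate']:.0%}); meter passes all: {s['all_pass_meter']}")
    print(f"P(any repeat in 50 uniform 16-char draws) ~ {collision_probability(50):.2e}")
```

Every string in the batch passes the meter, while the chance of a single repeat under uniform sampling is on the order of 10^-29; a batch with 23 distinct values out of 50 is therefore not a statistical fluke but evidence that the generator is not uniform.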
How Attackers Exploit AI-Generated Passwords
Dictionary attacks represent the primary threat. Attackers use prepared lists of likely passwords with automated tools; adding AI-generated passwords to these wordlists requires minimal effort. Because every frontier LLM generates structurally predictable passwords, attackers can prioritize LLM-generated credentials in their attack sequences, dramatically reducing the effort needed to compromise accounts. The vulnerability becomes critical when AI coding agents autonomously embed these credentials in production infrastructure, configuration files, container setups, and initialization scripts without human review. Conventional secret scanners have no mechanism to detect LLM-generated passwords in code, allowing compromised credentials to persist undetected.
Organizations face a compounding problem: the credentials appear legitimate on inspection. They contain numbers, symbols, mixed case, and sufficient length. Yet their predictability makes them trivial targets compared to truly random strings. This creates a false confidence that undermines security posture across entire codebases.
What Security Experts Recommend Instead
Dedicated cryptographic random number generators offer the first alternative. Password managers employ these generators, which mix in real-world entropy to produce genuinely unpredictable strings. Passkeys represent a stronger long-term solution, shifting away from passwords entirely toward cryptographic authentication mechanisms that do not rely on memorized or generated secrets. If passwords must be used, organizations should avoid AI generation entirely and add multi-factor authentication to accounts as a compensating control. For infrastructure and code, entropy-aware analysis tools capable of evaluating character-position distributions—rather than merely pattern-matching against known formats—can detect when credentials lack proper randomness.
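As an added example, not code from the article or from any password manager, the following Python shows both recommendations for code and infrastructure: a generator backed by the operating system's cryptographic random source (Python's `secrets` module) and an entropy-aware screen that looks at the character-position distribution over a batch of credentials rather than at format alone. The biased generator it is compared against is a constructed simulation with a fixed Upper-lower-digit-symbol template, not an LLM; the 94-character alphabet, the 16-character length, the batch size of 2000 and the 0.8 tolerance are assumptions of the example.

```python
import math
import random
import secrets
import string
from collections import Counter

# 94 printable, non-whitespace ASCII characters: the alphabet the article's figures assume.
ALPHABET = string.ascii_letters + string.digits + string.punctuation
assert len(ALPHABET) == 94


def generate_password(length: int = 16, alphabet: str = ALPHABET) -> str:
    """CSPRNG-backed generator, the approach password managers take.
    secrets.choice draws from os.urandom, so every position is uniform over the alphabet."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def simulated_templated_generator(n: int, seed: int = 1234) -> list[str]:
    """Stand-in for a structurally biased generator (constructed for this example; it is
    not an LLM): every password follows the fixed shape Upper-lower-digit-symbol four times,
    with symbols drawn from a small favourite set. Strings are all distinct, yet predictable."""
    rng = random.Random(seed)
    symbols = "!@#$%^&*"
    out = []
    for _ in range(n):
        chunks = []
        for _ in range(4):
            chunks.append(rng.choice(string.ascii_uppercase))
            chunks.append(rng.choice(string.ascii_lowercase))
            chunks.append(rng.choice(string.digits))
            chunks.append(rng.choice(symbols))
        out.append("".join(chunks))
    return out


def theoretical_bits(length: int = 16, alphabet_size: int = 94) -> float:
    """Entropy a uniform generator delivers: log2(alphabet_size) per character."""
    return length * math.log2(alphabet_size)


def per_position_entropy(batch: list[str]) -> list[float]:
    """Shannon entropy, in bits, of the character seen at each position across the batch.
    This is the character-position distribution check: a uniform source gives values close
    to log2(min(len(batch), alphabet size)); a templated source gives far less, even when
    every string in the batch is unique."""
    length = min(len(p) for p in batch)
    bits = []
    for i in range(length):
        counts = Counter(p[i] for p in batch)
        n = sum(counts.values())
        bits.append(-sum(c / n * math.log2(c / n) for c in counts.values()))
    return bits


def assess_batch(batch: list[str], alphabet_size: int = 94, tolerance: float = 0.8) -> dict:
    """Screen a batch of credentials for non-uniform generation using two signals:
    uniqueness (repeats are practically impossible for a uniform source at these sizes) and
    mean per-position entropy against the ceiling a uniform source can show at this batch
    size. This is a heuristic over a batch, not a proof of randomness, and it cannot judge
    a single password in isolation."""
    unique_ratio = len(set(batch)) / len(batch)
    pos_bits = per_position_entropy(batch)
    mean_bits = sum(pos_bits) / len(pos_bits)
    # Batch size caps how many distinct symbols a position can show, hence the min().
    uniform_ceiling = math.log2(min(len(batch), alphabet_size))
    return {
        "unique_ratio": unique_ratio,
        "mean_position_bits": mean_bits,
        "uniform_ceiling_bits": uniform_ceiling,
        "estimated_bits_per_password": sum(pos_bits),  # upper bound; ignores cross-position correlation
        "flagged": unique_ratio < 0.99 or mean_bits < tolerance * uniform_ceiling,
    }


if __name__ == "__main__":
    good = [generate_password() for _ in range(2000)]
    bad = simulated_templated_generator(2000)
    print("theoretical bits for 16 chars over 94 symbols:", round(theoretical_bits(), 1))
    for name, batch in (("secrets", good), ("templated", bad)):
        r = assess_batch(batch)
        print(f"{name:10s} unique={r['unique_ratio']:.3f} "
              f"mean_pos_bits={r['mean_position_bits']:.2f}/{r['uniform_ceiling_bits']:.2f} "
              f"flagged={r['flagged']}")
```

The templated batch is worth noticing: all 2000 of its strings are distinct and each would pass a character-class meter, so a uniqueness count alone would clear it, yet its per-position entropy sits around 4 bits against a ceiling of about 6.5, which is what flags it. The screen needs a sample of credentials from the same source; a single string carries no measurable information about how it was chosen, which is exactly the blind spot the article describes.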
The research consensus is clear: do not rely on AI chatbots to generate passwords. ChatGPT, Claude, and Gemini all exhibit the same predictability flaw. Do not assume AI-generated passwords are secure based on their apparent complexity. Do not trust standard password-strength meters as definitive security validation for AI-generated credentials. The appearance of security is precisely what makes this vulnerability dangerous—users and organizations believe they have strong credentials when they have weak ones.
Should I use AI to generate passwords for my accounts?
No. AI-generated passwords are highly predictable and vulnerable to dictionary attacks, despite appearing complex. Use a dedicated password manager with cryptographic random generation instead, or enable passkeys if your service supports them.
Why do password strength meters say AI-generated passwords are strong?
Standard strength meters evaluate only length and character variety, not randomness distribution. They cannot detect when passwords follow predictable patterns, so they overrate AI-generated credentials that lack true entropy.
Can I use AI-generated passwords with multi-factor authentication?
Multi-factor authentication adds a layer of protection but does not fix the underlying weakness. A predictable password combined with 2FA is better than a predictable password alone, but a truly random password with 2FA is the proper security approach.
The lesson is uncomfortable but essential: the technology that makes generating passwords convenient—artificial intelligence—is precisely the technology that makes those passwords insecure. Until LLMs can be redesigned to produce true randomness rather than statistical likelihood, they should be excluded from any password generation workflow. For users and organizations, the path forward is clear: abandon AI password generation, adopt cryptographic alternatives, and implement passkeys wherever possible. Security requires unpredictability, and language models are built to do the opposite.
This article was written with AI assistance and editorially reviewed.
Source: TechRadar