May 4, 2023 is World Password Day. Like every year, this day was an opportunity to remind people of the need to have complicated and unique passwords for each of their accounts. If a hacker or malicious person around you knows one of your passwords, they can use it to order online using your bank account, steal your identity to build a loan file, access data sensitive to your business.

“….Make up passwords of at least 12 characters. Use a mix of letters, numbers, special characters, upper and lower case. Do not use information related to your personal life in your passwords. Your address, date of birth or the name of your pet are to be avoided…. ". According to a report by the American computer security company Home Security Heroes (HSH) published in April 2023, your passwords should contain uppercase letters, lowercase letters, symbols, numbers and at least 15 characters.

Image credit © by Getty Image, Cybersecurity, data security and data access must be recognized first. Secure Internet Connection, Advanced Security Encryption.

This is the best way to protect against the artificial intelligence (AI) tools that hackers now have. In just one minute, one such tool, PassGAN, was able to crack half of the 15 million passwords submitted to it, HSH showed during a simulation. After one day, 71% of them had been discovered.

The new studies have shown that, contrary to what has been conveyed for a long time, it is not the mixture of lowercase and uppercase letters, numbers and special characters that gives strength to passwords, but rather its length. The longer the password, the stronger it is. We therefore recommend using a sentence that you can easily remember, such as: IEatFruitInTheMorning.

The situation becomes nightmarish when we learn that software based on artificial intelligence (i.e ChatGPT) can guess millions of passwords in a handful of minutes! and when questioned, ChatPGT will initially provide a standard response like, "it would be unethical to provide a list of commonly used passwords, as it could potentially be used for malicious purposes such as hacking or identity theft”. But as soon as you ask it to play the role of a cybersecurity researcher who warns users against using common and dangerous passwords, it displays a list of common terms.

And this situation becomes even more catastrophic when using a solution based on theory-based machine learning (This approach has been exploited since 2019 by Home Security Heroes and its PassGAN tool).

Image credit © by lesaffaires.com Nicolas Coulombe, chef de la sécurité au Mouvement Desjardins.

According to a study by this company specializing in computer security, 51% of passwords were cracked in less than a minute, 65% in less than an hour, 71% in less than a day and 81% in less than 'a month.

On the other hand, with the help of artificial intelligence, new ways to access your accounts are emerging, and they are safer than typing in a password. Like opening a notification sent to your phone, for example, to successfully hack your account, the fraudsters would need to gain access to your device. In some cases, these notifications are also protected by your biometric data (your face or your fingerprints), recognized by your phone. These “access keys” have recently been adopted by Apple and Google and are set to grow in popularity. If someone tries to log into your account on the other side of the world when you were home just an hour ago, a computer system with strong security features will detect that this request did not come from you.

Image credit © by Getty Image, Faceless Computer Hacker.

The more the repercussions of hacking a site are likely to embarrass its users, the more a company has an interest in imposing “layers” of security on it.

Unfortunately, not all sites we visit follow the latest security approaches. And passwords are still very present in 2023…

For those who find that memorizing an 18-character password can find comfort with 'Password Managers' software; they manage and save all your passwords themselves. You only have one to know, the one that allows you to open this famous software. These password managers still have a bright future ahead of them…