Modern hackers can crack complex passwords in a matter of days, and sometimes even instantly, using artificial intelligence and powerful graphics processors.Security systems have long used a method of hashing, which converts passwords into random sequences of characters.

EDnews reports that a new study in the field of cybersecurity has shown that traditional combinations of characters no longer provide reliable protection.

 For example, the password may be stored in a website’s database as an encrypted string such as . However, cybercriminals have learned to bypass this protection by creating lists of possible combinations and comparing these lists with hacks that have leaked onto the Internet.

According to a study by Hive Systems, neural networks like ChatGPT, when used with 10,000 Nvidia A100 graphics cards, can crack eight-character passwords consisting of only uppercase and lowercase letters and numbers in a short time. If the password has previously been leaked online, contains dictionary words, or has been reused on different sites, the cracking process is even faster.

A particular threat comes from powerful GPU clusters. For example, hackers with access to 20,000  chips can crack even long passwords. The researchers note that these hacks were carried out against randomly generated password combinations. Simple passwords such as “123456” or “qwerty” are cracked instantly.

The results of the study clearly show that traditional protection methods are no longer effective. Some large companies, such as Microsoft, are switching to “passkey” technology, a more secure authentication method that no longer uses passwords. This technology consists of a protected digital key stored on the user's device, for example, in a "TPM" (Trusted Platform Module) module or in Microsoft's encrypted cloud service.

However, most users still rely on an outdated password system.Experts recommend that passwords consist of at least 12 characters, numbers, special characters , and various letter combinations. It is also advisable not to use the same password on different sites and, if possible, enable two-factor authentication.

Madina Mammadova\\EDnews