An AI chatbot called ChatGPT has recently been used to generate a list of potential passwords for George Washington’s hypothetical TikTok account. Developed by OpenAI, ChatGPT is trained to respond to prompts and complete various creative tasks. In this experiment, it was asked to come up with George Washington’s TikTok password as a proof of concept to highlight the weaknesses of password-based authentication and how AI can further exploit them.
A password list is a compilation of commonly used passwords that can be employed to crack credentials using a dictionary attack. AI engines can efficiently generate these lists, making it easier for hackers to carry out identity theft and impersonation. To generate a password list for George Washington’s TikTok account using ChatGPT, a dataset of commonly used passwords, including those belonging to historical figures like Washington, would first be required. The model would then be trained on this data to learn patterns and generate new passwords that share similar structures and complexity.
However, it’s important to note that the creators of ChatGPT and other AI chatbots do not endorse their use for malicious activities such as password cracking. ChatGPT is currently naive and can be easily tricked, akin to performing a social engineering attack on a young child. There are websites dedicated to the development and sharing of techniques that help users exploit the flaws in AI chatbots, allowing them to break free from the bot’s constraints. For example, users can avoid explicitly mentioning the phrase “password list” and ask for a certain number of passwords or request a list of safe passwords instead.
While AI can enhance the quality, efficiency, and ease of generating password lists, it also increases the risk of successful credential-guessing attacks. Password-based authentication becomes weaker when attackers utilize AI for password cracking. To safeguard against credential theft, it is essential to use strong passwords with a mix of character types, refrain from reusing passwords across different systems, enable strong multifactor authentication, and block unnecessary access to login interfaces.
Nevertheless, AI chatbots like ChatGPT offer exciting opportunities alongside new challenges. The widespread adoption of this technology may bring about significant societal changes, potentially resulting in job loss. In fact, scientists, researchers, and tech leaders, including Elon Musk, have called for a pause in the development of AI tools due to their perceived risks to society and humanity. While it’s important to be cautious and considerate in the development and adoption of AI, it is also crucial to embrace the benefits that this game-changing technology offers.
However, it is important to approach AI with a critical eye, recognizing that the technology is still relatively new and can make mistakes. For instance, when asked about George Washington’s possible TikTok account, ChatGPT responded by saying, “First and foremost, we have no way of knowing if George Washington even had a TikTok account.” Additionally, another AI system misinterpreted the instruction to create an image of George Washington with a “duck face.” Despite the potential of AI, it is crucial to exercise caution and vigilance when utilizing the technology.
In conclusion, the experiment involving ChatGPT generating a password list for George Washington’s hypothetical TikTok account highlights the weaknesses of password-based authentication and the potential threats posed by AI. While AI offers numerous benefits and opportunities, we must proceed with caution to ensure its responsible development and usage. By implementing strong passwords, multifactor authentication, and limiting unnecessary access to login interfaces, we can mitigate the risks associated with AI-powered password cracking.