wilfredAbsolutely fasinating read!
"Whenever AI-generated code produces LLM-generated passwords, these passwords may be significantly weaker than they seem. If tools are developed to effectively enumerate these passwords in a way that matches their actual entropy, this may make effective brute-force attacks possible again where they would not have been possible previously."
#password #llm #security #privacy #ai #tech
https://www.irregular.com/publications/vibe-password-generation
Vibe Password Generation: Predictable by Design - Irregular
LLM-generated passwords appear strong, but are fundamentally insecure. Testing across GPT, Claude, and Gemini revealed highly predictable patterns: repeated passwords across runs, skewed character distributions, and dramatically lower entropy than expected. Coding agents compound the problem by sometimes preferring and using LLM-generated passwords without the user’s knowledge. We recommend avoiding LLM-generated passwords and directing both models and coding agents to use secure password generation methods instead.