The idea of using honeywords (fake passwords) was invented nearly a decade ago. If you're reading this, you're more clued in than most people.
The earliest honeyword generation techniques were invented by security experts Ari Juels and Ronald Rivest, but attackers managed to outwit them.
Heuristics, meet metaheuristics. The next generation of tactics that go beyond what Juels and Rivest imagined.
"Bernoulli honeywords" may sound like the title of an Italian love poem, but most people don't know they're a defense that makes everything attackers know about you useless.
Honeywords protect you on the server side (behind the scenes). With credential attacks exploding, discover how LastPass protects you at your end (client-side, on your device).
Know what attackers hate when trying to breach a system? Honeywords. Every single one is a tripwire designed to blow their cover. Here’s how: Mixed in with actual passwords, honeywords are decoys set to raise alarms if attackers use them.
Today, the battle for your data has escalated, with AI-driven attacks moving faster and smarter than ever. According to Microsoft, attackers aren’t breaking in; they’re signing in. More than 97% of identity-based attacks are password attacks, and in the first half of 2025 alone, they surged by an alarming 32%.
Meanwhile, MIT researchers found that 80% of 2,800 ransomware attacks in 2024 were executed by AI-enabled threat actors. AI is now optimizing each phase of the Cyber Kill Chain and making attacks more targeted and resilient.
Honeywords - invented nearly a decade ago as a powerful shield against offline password cracking - are evolving again. The battle swords are drawn, and this time AI is rewriting the rules for both attackers and defenders.
The password trap attackers love to hate: What are honeywords in cybersecurity?
Honeywords are cleverly crafted decoys stored alongside real passwords in a secure system.
When attackers steal a password file, they face a daunting task: Which passwords are real, and which are fake? The system’s “honey checker” tracks login attempts. So, when an attacker uses a honeyword, defenders get an alert.
The concept of honeywords was pioneered in 2013 by cryptography experts Ari Juels and Ronald Rivest - yes, the “R” in RSA encryption - and presented in their groundbreaking article Honeywords: Making Password Cracking Detectable.
Their approach was simple: If one real password (“sugarword”) is stored alongside multiple fake credentials for each account, this creates significant uncertainty for attackers.
So, with hundreds or thousands of accounts, every login attempt becomes a statistical gamble: The attackers risk triggering alarms by using honeywords instead of the real password.
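To make the "honey checker" idea concrete, here is an added example (not LastPass code and not the Juels-Rivest reference implementation) of the split that makes honeywords work: the login server keeps only the salted hashes of all sweetwords in shuffled order, while a separate honeychecker keeps just the index of the real one. The account, the decoys and the use of PBKDF2-HMAC-SHA256 as the password hash are constructed assumptions for the demonstration.

```python
import hashlib
import hmac
import os
import secrets

# Added example, not LastPass code or the Juels-Rivest reference implementation.
# Assumption: PBKDF2-HMAC-SHA256 stands in for whatever password hash the deployment uses.
PBKDF2_ITERATIONS = 100_000


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)


class CredentialStore:
    """The login server's password file: per account, a salt and the hashes of all
    sweetwords in shuffled order. Nothing here says which entry is the real one, so
    stealing this file alone only yields a list of equally plausible candidates."""

    def __init__(self):
        self.accounts = {}  # username -> (salt, [hash of sweetword 0, 1, ...])

    def enroll(self, username, sweetwords):
        salt = os.urandom(16)
        self.accounts[username] = (salt, [hash_password(w, salt) for w in sweetwords])

    def match_index(self, username, attempt):
        """Index of the sweetword the attempt matches, or None if it matches nothing."""
        salt, hashes = self.accounts[username]
        digest = hash_password(attempt, salt)
        for index, stored in enumerate(hashes):
            if hmac.compare_digest(digest, stored):
                return index
        return None


class HoneyChecker:
    """Separate, hardened host that stores only the index of the real password
    (the sugarword) per account. It never sees passwords or hashes."""

    def __init__(self):
        self.sugar_index = {}

    def set_index(self, username, index):
        self.sugar_index[username] = index

    def is_sugarword(self, username, index):
        return self.sugar_index[username] == index


def enroll_account(store, checker, username, sugarword, honeywords):
    """Mix the real password into the decoys, shuffle, and split the knowledge:
    hashes go to the credential store, the real index goes to the honeychecker."""
    sweetwords = list(honeywords) + [sugarword]
    secrets.SystemRandom().shuffle(sweetwords)
    store.enroll(username, sweetwords)
    checker.set_index(username, sweetwords.index(sugarword))


def login(store, checker, username, attempt):
    """'ok' for the real password, 'fail' for a non-sweetword, and 'alarm' when a
    honeyword is submitted: the tripwire that tells defenders the file has leaked."""
    index = store.match_index(username, attempt)
    if index is None:
        return "fail"
    return "ok" if checker.is_sugarword(username, index) else "alarm"


if __name__ == "__main__":
    store, checker = CredentialStore(), HoneyChecker()
    # Constructed sample account; the decoys follow the page's tweaking example.
    enroll_account(store, checker, "alice", "BG+7y45", ["BG+7q03", "BG+7m55", "BG+7d63", "BG+7o92"])
    for attempt in ("BG+7y45", "BG+7m55", "letmein"):
        print(attempt, "->", login(store, checker, "alice", attempt))
```

The point of the split is that an attacker who steals the password file gets twenty plausible hashes per account and no way to tell which is real, while the honeychecker only ever learns an index, so compromising either system alone is not enough.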
So, how did Juels and Rivest come up with honeywords that could throw attackers off the scent?
Long before cutting-edge AI algorithms took center stage, these heuristic honeyword generation techniques held court:
- Chaffing by tweaking: This method modifies the “tail” of real passwords by tweaking letters, numbers, and symbols. For example, a user-supplied password like “BG+7y45” could be modified into honeywords like BG+7q03 | BG+7m55 | BG+7d63 | BG+7o92
- The modeling-syntax approach: Here, the password is parsed into a sequence of tokens, each representing a word or number. For example, “mice3blind” is represented by the token sequence W4|D1|W5, meaning a 4-letter word followed by a 1-digit number and a 5-letter word. Honeywords are generated by replacing the tokens with values that match, such as “ring9frodo.”
- Chaffing with “tough nuts”: This honeyword generation technique makes honeywords harder to crack, as they’re made up of long, random strings. “Tough nuts” are computationally impractical to reverse engineer from their hash values. An example is 9,50PEe]KV.0?HTeOtc&L-:IJ"b+Wol<*[!NWT/pb
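The first two chaffing methods are simple enough to show in code. The following is an added example, not the page's or the Juels-Rivest code, implementing chaffing by tweaking the tail and the modeling-syntax approach; the ten-word list is a constructed stand-in for the dictionary a real generator would draw from, and the token labels W/D/S (word, digit, symbol) follow the page's notation.

```python
import random
import re
import string

# Added example, not the page's or the Juels-Rivest code. The word list is a
# constructed stand-in for the dictionary a real generator would draw from.
WORDS = ["mice", "ring", "blind", "frodo", "apple", "stone", "zebra", "glass", "tiger", "lemon"]


def _same_class_pool(ch):
    """Characters of the same class as `ch`, so a tweak keeps the password's shape."""
    if ch.islower():
        return string.ascii_lowercase
    if ch.isupper():
        return string.ascii_uppercase
    if ch.isdigit():
        return string.digits
    return string.punctuation


def chaff_by_tweaking(password, count, tail=3, seed=None):
    """Chaffing by tweaking: keep the head, re-roll each of the last `tail`
    characters within its own class (BG+7y45 -> BG+7q03, BG+7m55, ...)."""
    rng = random.Random(seed)
    head, end = password[:-tail], password[-tail:]
    decoys = set()
    while len(decoys) < count:
        candidate = head + "".join(rng.choice(_same_class_pool(ch)) for ch in end)
        if candidate != password:
            decoys.add(candidate)
    return sorted(decoys)


TOKEN_RE = re.compile(r"[A-Za-z]+|[0-9]+|[^A-Za-z0-9]+")


def syntax_model(password):
    """Describe a password as W/D/S tokens with lengths: mice3blind -> W4|D1|W5."""
    tokens = []
    for match in TOKEN_RE.finditer(password):
        text = match.group()
        kind = "W" if text.isalpha() else "D" if text.isdigit() else "S"
        tokens.append(f"{kind}{len(text)}")
    return "|".join(tokens)


def chaff_by_syntax(password, count, seed=None):
    """Modeling syntax: emit decoys whose token structure matches the password's
    (mice3blind -> ring9frodo), filling W tokens from the word list when a word of
    the right length exists and with random letters otherwise."""
    rng = random.Random(seed)
    model = syntax_model(password)
    decoys = set()
    while len(decoys) < count:
        parts = []
        for token in model.split("|"):
            kind, length = token[0], int(token[1:])
            if kind == "W":
                words = [w for w in WORDS if len(w) == length]
                parts.append(rng.choice(words) if words else "".join(rng.choices(string.ascii_lowercase, k=length)))
            elif kind == "D":
                parts.append("".join(rng.choices(string.digits, k=length)))
            else:
                parts.append("".join(rng.choices(string.punctuation, k=length)))
        candidate = "".join(parts)
        if candidate != password:
            decoys.add(candidate)
    return sorted(decoys)


if __name__ == "__main__":
    print(chaff_by_tweaking("BG+7y45", 4, seed=1))
    print(syntax_model("mice3blind"), chaff_by_syntax("mice3blind", 4, seed=2))
```

Notice what both methods leave untouched: the tweaked decoys share the real password's head verbatim, and the syntax decoys are drawn uniformly from the dictionary regardless of how common each word is. Both properties are exactly what the next section shows attackers exploiting.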
For a while, the above chaffing methods formed the backbone of account security.
But here’s the thing about digital defense: Change is constant, and the race never ends.
When security theater becomes dangerous: What are the limitations of heuristic honeyword generation?
In 2018, a team of researchers at Peking University tested the real-world effectiveness of these methods against real data.
They gathered ten massive password lists. That’s a total of 104.36 million real-world passwords from breaches at Yahoo, LinkedIn, Dropbox, Rockyou, e-commerce sites, and even the Qatar National Bank.
Then, they used various cracking methods to “attack” heuristic generation techniques like tweaking-by-tail and modeling syntax.
The results weren’t pretty.
With twenty passwords per account (nineteen honeywords plus one real password), an attacker should only have a 5% chance of guessing correctly (that’s one in twenty).
What the researchers found was that attackers guessed correctly from 29.29% to 32.62% of the time.
When they used more advanced password cracking tools, the success rate reached 34.21% to 49.02%.
And most devastating of all: When the attackers exploited PII like phone numbers, birthdays, and emails from past breaches, the success rate hit 56.81% to 67.98%.
The researchers concluded that heuristic methods – the foundations of most honeyword systems at the time – were inherently broken.
This is because users don’t naturally choose passwords that are random. Remember: Predictable sequences like “123456” are still being used by millions today.
This follows Zipf’s law: a handful of the most common passwords account for a disproportionate share of any dataset, and frequency falls off steeply as you move down the ranking.
To illustrate, attackers know that passwords like “123456,” “qwerty123,” and “iloveyou456” are more common. So, if a honeyword list includes one of these high-frequency passwords amidst several obscure ones, attackers can guess the real one quite easily.
Now, here’s where things get interesting. Researchers looked at the damage and asked, “What if we tried something smarter, like algorithms that mimic how nature solves impossibly hard problems?”
That’s where metaheuristics come in.
Remember, the core issue is simple: You must generate fake passwords (honeywords) that are indistinguishable from the real one.
The reason heuristic methods fail is because real passwords aren’t random. They often include personal info, follow familiar keyboard patterns, and reflect cultural influences.
This is exactly the kind of problem that swarm intelligence was built for.
AI to the rescue: Can these advanced honeyword generation algorithms outsmart attackers?
Leveraging AI, researchers have now introduced three (3) swarm intelligence metaheuristic (high-level problem-solving) algorithms: The Bees, Salp Swarm, and Meerkat Clan.
But what’s swarm intelligence?
In a nutshell, swarm intelligence is about a group of animals using simple rules to work collaboratively, so they act as a smart, adaptive team.
Let's start with the algorithm inspired by the natural foraging behavior of honeybees.
The Bees algorithm
In a honeybee colony, scout bees are the “elite” bees tasked with selecting the best nectar sources from flower patches.
When a scout bee finds an excellent patch with plenty of nectar, they perform a special “waggle” dance back at the hive, inviting “recruit” bees to explore the patch. Meanwhile, other recruit bees go off in search of new, random places in case there’s an even better patch out there.
If negative feedback ensues after exploring a patch, the patch is abandoned, and a new search begins.
Here’s how the Bees algorithm works in honeyword generation:
- First, passwords are tokenized into different character types:
  - alphabet tokens
  - digit (number) tokens
  - special character tokens
- Tokens refer to components of the real password (sugarword) that are modified to generate plausible honeywords.
- The alphabet tokens act like scout bees. They “explore” variations of alphabets and evaluate their fitness as fake password components.
- Meanwhile, digit tokens and special character tokens are randomly generated.
- All three types of tokens are then combined to form honeywords that resemble the original password, yet are distinct enough to throw attackers off the trail.
The Salp Swarm algorithm (SSA)
This algorithm is inspired by salps, barrel-shaped, gelatinous marine creatures. Salps search for food in deep waters in swarms or salp chains.
Each salp chain is divided into sub-chains. And each sub-chain has its own leader and followers. The leader scouts ahead, while followers adjust in response. This helps them cover a lot of ground efficiently.
Like the Bees algorithm in honeyword generation, the Salp Swarm algorithm (SSA) searches for “best solutions” by balancing exploration and exploitation (zeroing in on good options).
The alphabet tokens, digit tokens, and special character tokens function as salps. The most important tokens, of course, are the alphabet tokens, as they are the main target for attackers attempting to guess passwords.
So, here’s how the Salp Swarm algorithm works:
- The “leader” of each chain tries different changes to the original password via inserting, deleting, translocating, or swapping characters.
- The “followers” copy the leader’s best moves to keep “improving” the fake passwords.
- The alphabet tokens act as salps.
- The digit tokens and special character tokens are randomly generated and also act as salps.
- All three types of tokens are eventually combined to form complete honeywords.
- Like salps swimming towards the food source, the algorithm mimics this natural swarming behavior to produce candidate honeywords that resemble the real password (food source).
In other words, the goal is to optimize the fake passwords (honeywords) so that they “move towards” or look like the real passwords, balancing similarity and distinctiveness. So, decoy passwords might look like this: sky223, sky!23, sly124
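The Bees and Salp Swarm descriptions above share one skeleton: tokenize the real password, apply leader moves (insert, delete, translocate, swap) to the alphabet tokens, re-roll digit and special-character tokens, and keep the candidates a fitness function likes best, balancing exploration against exploitation. The following is an added, deliberately simplified illustration of that skeleton, not the published Bees, SSA or MCA code; the fitness weights, the 0.75 similarity target, the symbol pool and the swarm size are constructed assumptions, and "swap" is read here as replacing one character.

```python
import random
import string
from difflib import SequenceMatcher

# Added, simplified illustration of the swarm-style search the algorithms share.
# It is not the published Bees, SSA or MCA code; the fitness weights, the 0.75
# similarity target and the symbol pool are constructed assumptions.
SYMBOLS = "!@#$%&*?"
LETTERS = string.ascii_lowercase


def tokenize(password):
    """Split into maximal runs of one class: [('A','sky'), ('D','123')]."""
    tokens = []
    for ch in password:
        kind = "A" if ch.isalpha() else "D" if ch.isdigit() else "S"
        if tokens and tokens[-1][0] == kind:
            tokens[-1] = (kind, tokens[-1][1] + ch)
        else:
            tokens.append((kind, ch))
    return tokens


def mutate_alpha(text, rng):
    """One 'leader move' on an alphabet token: insert, delete, translocate
    (move one character elsewhere) or swap (replace one character)."""
    chars = list(text)
    op = rng.choice(["insert", "delete", "translocate", "swap"])
    if op == "insert" or len(chars) < 2:          # never shrink a token to nothing
        chars.insert(rng.randrange(len(chars) + 1), rng.choice(LETTERS))
    elif op == "delete":
        del chars[rng.randrange(len(chars))]
    elif op == "translocate":
        moved = chars.pop(rng.randrange(len(chars)))
        chars.insert(rng.randrange(len(chars) + 1), moved)
    else:
        chars[rng.randrange(len(chars))] = rng.choice(LETTERS)
    return "".join(chars)


def candidate(base, alpha_edits, rng):
    """Build one candidate honeyword from `base`: alphabet tokens get `alpha_edits`
    leader moves, digit and symbol tokens are re-rolled character by character."""
    parts = []
    for kind, text in tokenize(base):
        if kind == "A":
            for _ in range(alpha_edits):
                text = mutate_alpha(text, rng)
        elif kind == "D":
            text = "".join(ch if rng.random() < 0.5 else rng.choice(string.digits) for ch in text)
        else:
            text = "".join(ch if rng.random() < 0.5 else rng.choice(SYMBOLS) for ch in text)
        parts.append(text)
    return "".join(parts)


def similarity(a, b):
    return SequenceMatcher(None, a, b).ratio()


def fitness(cand, password, chosen):
    """Reward closeness to the real password (target similarity 0.75, so the decoy is
    neither identical nor obviously unrelated) and diversity from decoys already kept."""
    if cand == password or cand in chosen:
        return -1.0
    closeness = 1.0 - abs(similarity(cand, password) - 0.75)
    diversity = 1.0 - max((similarity(cand, c) for c in chosen), default=0.0)
    return closeness + 0.25 * diversity


def swarm_honeywords(password, count, swarm=20, rounds=10, seed=None):
    """Per decoy: start a swarm of random variants, then each round keep the leader,
    let followers refine the leader (exploitation) and send explorers out from the
    real password (exploration); the fittest survivor becomes the next honeyword."""
    rng = random.Random(seed)
    chosen = []
    for _ in range(count):
        pool = [candidate(password, 1, rng) for _ in range(swarm)]
        for _ in range(rounds):
            leader = max(pool, key=lambda c: fitness(c, password, chosen))
            followers = [candidate(leader, 1, rng) for _ in range(swarm // 2)]
            explorers = [candidate(password, 2, rng) for _ in range(swarm // 2)]
            pool = [leader] + followers + explorers
        chosen.append(max(pool, key=lambda c: fitness(c, password, chosen)))
    return chosen


if __name__ == "__main__":
    print(swarm_honeywords("sky123", 4, seed=7))   # decoys shaped like sky223, sly124
```

The leader/follower/explorer split is the whole trick: followers copy and refine whatever currently scores best, explorers keep sampling fresh variants of the real password so the swarm does not collapse onto one pattern, and the fitness function encodes the "similar but not identical, and different from each other" goal the text describes.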
The Meerkat Clan algorithm
Real meerkats live in cooperative packs or clans, often ranging from three to 25 members in each. Clans are led by a dominant male and female.
To survive, members of the pack split up key tasks.
Some take turns as sentinels that watch for predators, while others forage for food. Meanwhile, “helpers” care for the young and are tasked with defending newborn pups against neighboring meerkats, who would kill them in intergroup conflicts.
Clans have a clear social hierarchy and often make decisions through consensus.
The Meerkat Clan algorithm (MCA) borrows these ideas for honeyword generation:
- As clan members defend and care for pups, the MCA builds honeywords to protect your real password (pup).
- Just as meerkats are split into groups to handle tasks, the MCA divides the honey generation process into different “clans.” Each clan works on creating variations of the real password.
- Meerkat clans participate in communal decision-making. In the MCA, the alphabet, digit, and special character tokens work together to generate honeywords. This teamwork builds a more diverse honeyword pool.
- Just like clans have different approaches to foraging or defense, the MCA uses various properties to modify your password.
This includes closeness (structural similarity), quality (high effectiveness), diversity (variety among candidates), stability (consistent performance), and adaptability (ability to allow fine-tuning).
These properties help produce candidate honeywords that mimic the real password but introduce enough variation to confuse attackers. So, decoy passwords for “grass123” might look like this: grass124, grasp123, grass!23
- Meerkat societies are organized so all members play a role. MCA assigns different tasks to each clan member and lets them learn from what works and what doesn’t, constantly refining their results.
Ultimately, the Bees algorithm, SSA, and MCA are metaheuristic (high-level problem-solving) techniques that simulate cooperative, social behaviors in the animal kingdom. Here’s what sets them apart from the previous broken heuristic methods:
- They “learn” which passwords are most common by analyzing real datasets. Then, they internalize these patterns so they can generate honeywords that follow these same properties.
- They optimize for “flatness.” This means that, when an attacker looks at a list of sweetwords (the real password + honeywords), they can’t tell the difference between them. In other words, they have an equal probability of guessing which one is real. The nature-inspired algorithms are given a clear goal: Make every honeyword equally likely to be the real password. And iterate until you hit the target.
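The flatness goal above and the Zipf’s-law failure described earlier are two sides of one measurement, so here is one added evaluation harness (not the page’s, the Peking University or the swarm papers’ code) that serves both. It scores a sweetword list the way a defender would before deploying a generator: given a password frequency model, how often does an attacker who plays the most frequent sweetword first hit the real one, compared with the 1/n baseline a perfectly flat list would give? The frequency table and the three accounts are constructed stand-ins for a leaked corpus and a honeyword-protected password file.

```python
# Added evaluation harness, not the page's or the Peking University code. The frequency
# table and the accounts below are constructed stand-ins for a leaked corpus and a
# honeyword-protected password file.
FREQ = {
    "123456": 5000, "password1": 1200, "qwerty123": 900, "iloveyou456": 700,
    "sky123": 40, "sky223": 40, "sky!23": 40, "sly124": 40,
}


def zipf_counts(ranked_passwords, top_count):
    """Zipf's law as a frequency model: the r-th most common password appears about
    top_count / r times, so frequency collapses quickly down the ranking."""
    return {pw: top_count / rank for rank, pw in enumerate(ranked_passwords, start=1)}


def first_guess_success(sweetwords, real, freq):
    """Expected chance that an attacker who plays the most frequent sweetword first
    hits the real password; ties are broken uniformly at random, so a perfectly
    flat list yields 1/len(sweetwords)."""
    scores = [freq.get(w, 0) for w in sweetwords]
    top = max(scores)
    tied = [w for w, s in zip(sweetwords, scores) if s == top]
    return 1.0 / len(tied) if real in tied else 0.0


def flatness_report(accounts, freq):
    """accounts: list of (sweetwords, real). Returns the average first-guess success
    and the 1/n baseline a flat honeyword set should match."""
    rates = [first_guess_success(sw, real, freq) for sw, real in accounts]
    baseline = sum(1.0 / len(sw) for sw, _ in accounts) / len(accounts)
    return sum(rates) / len(rates), baseline


ACCOUNTS = [
    # High-frequency real password hidden among obscure decoys: trivially spotted.
    (["xk29vb!", "123456", "qpw-3311", "m0rningstar9"], "123456"),
    # Decoys tuned to the same frequency as the real one: attacker is back to chance.
    (["sky223", "sky123", "sky!23", "sly124"], "sky123"),
    # Decoy that is more common than the real password: the first guess misses.
    (["password1", "glass9", "tr33house", "zebra77"], "glass9"),
]

if __name__ == "__main__":
    rate, baseline = flatness_report(ACCOUNTS, FREQ)
    print(f"first-guess success {rate:.3f} vs flat baseline {baseline:.3f}")
```

Across the three constructed accounts the frequency-ranking attacker lands at about 0.42 against a flat baseline of 0.25: the first account alone gives it away, just as a "123456" real password amid obscure decoys does in the text. A generator that has "learned" the frequency distribution is one whose sweetword lists score at the baseline under this kind of check.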
Here, the story takes an interesting turn.
How do Bernoulli honeywords build on swarm intelligence?
Enter two researchers from Duke University.
In 2024, Ke Coby Wang and Michael K. Reiter introduced the concept of Bernoulli honeywords.
While algorithms like MCA and SSA were getting better results than the old heuristic methods, they still faced a fundamental challenge: If attackers knew more about users than defenders, they would still be able to recognize decoy honeywords.
In contrast, the Bernoulli method treats each possible password from a list as a potential honeyword, with some fixed probability (or chance).
This means the system looks at a list of passwords and decides with a “set” chance, like a 5% chance, which password will be picked as a decoy.
The system then randomly includes real-looking passwords as decoys based on this fixed chance.
This makes it harder for attackers to know which password is real because there’s a wide, random mix of decoys that seem just as likely to be real.
Here’s the beauty of the Bernoulli approach. With it, Wang and Reiter could write down actual mathematical formulas for:
- False alarm probability or how likely an alarm is raised, even when no attackers have broken in
- True detection probability or how likely the system catches attackers who do break in
Remember how Peking University researchers showed that when attackers knew the personal info of users, success rates for password cracking jumped as high as 68%?
The Bernoulli method doesn’t care what attackers know, whether it’s your birthday, favorite dessert, or pet’s name. It uses math with a fixed probability (chance) to randomly pick which passwords become decoys, independent of any personal knowledge of your habits.
In legacy honeyword systems, the act of trying a likely password raises an alarm. Even if the attacker is unsuccessful, the attempt still raises the alarm. Over time, this results in many false alerts.
With Bernoulli, false alarms don’t increase just because the attacker knows your birthday or favorite sports team. This gives defenders a clear, more reliable way to catch attacks without being burdened by false alarms.
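The Bernoulli idea can be shown in a few dozen lines. The following is an added illustration, not Wang and Reiter’s reference code: it decides honeyword membership with a keyed hash of (account, password) compared against a threshold, so that every password other than the real one is a honeyword independently with the fixed probability p, without a stored honeyword list and without any reference to what the user likes. The closed-form false-alarm and detection probabilities below follow directly from that independence (each distinct wrong password is an independent trial with success probability p); they are this example’s derivation, not quoted from the paper, and the PBKDF2 hash for the real password is a stand-in assumption.

```python
import hashlib
import hmac
import os

# Added illustration, not Wang and Reiter's reference code. Assumption: honeyword
# membership is decided by a keyed hash of (account, password) compared against a
# threshold, which makes every non-real password a honeyword independently with
# probability p without ever storing a honeyword list.
HASH_BITS = 256
PBKDF2_ITERATIONS = 100_000   # assumption: stand-in password hash for the real password


class BernoulliHoneywords:
    def __init__(self, p, key=None):
        if not 0.0 < p < 1.0:
            raise ValueError("p must be a probability strictly between 0 and 1")
        self.p = p
        self.key = key if key is not None else os.urandom(32)
        self.threshold = int(p * (1 << HASH_BITS))
        self.real = {}   # username -> (salt, hash of the real password)

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)

    def enroll(self, username, password):
        salt = os.urandom(16)
        self.real[username] = (salt, self._hash(password, salt))

    def is_real(self, username, password):
        salt, stored = self.real[username]
        return hmac.compare_digest(self._hash(password, salt), stored)

    def is_honeyword(self, username, password):
        """Bernoulli trial with fixed probability p, independent of anything an attacker
        knows about the user: the outcome depends only on the secret key."""
        tag = hmac.new(self.key, f"{username}\0{password}".encode("utf-8"), hashlib.sha256).digest()
        return int.from_bytes(tag, "big") < self.threshold

    def login(self, username, password):
        if self.is_real(username, password):
            return "ok"
        return "alarm" if self.is_honeyword(username, password) else "fail"

    def honeyword_fraction(self, username, candidates):
        """Empirical check that the share of honeywords in any candidate list is about p,
        whether the list is random junk or a targeted guess list."""
        hits = sum(self.is_honeyword(username, c) for c in candidates)
        return hits / len(candidates)


def false_alarm_probability(p, wrong_attempts):
    """A legitimate user who submits `wrong_attempts` distinct wrong passwords
    (typos) trips the alarm with probability 1 - (1 - p)^k."""
    return 1.0 - (1.0 - p) ** wrong_attempts


def detection_probability(p, distinct_guesses):
    """An attacker who submits `distinct_guesses` distinct wrong passwords is
    detected with probability 1 - (1 - p)^m, whatever those guesses are."""
    return 1.0 - (1.0 - p) ** distinct_guesses


if __name__ == "__main__":
    system = BernoulliHoneywords(p=0.05)
    system.enroll("alice", "correct horse battery")   # constructed account
    print(system.login("alice", "correct horse battery"))
    print("share of honeywords among 10,000 guesses:",
          system.honeyword_fraction("alice", [f"guess{i}" for i in range(10_000)]))
    print("false alarm after 3 typos:", false_alarm_probability(0.05, 3))
    print("detection after 20 guesses:", detection_probability(0.05, 20))
```

Two things to notice. First, the same p governs both formulas, so p is a tuning knob: raising it catches attackers after fewer guesses but also makes a typo-prone user more likely to trip the alarm. Second, `honeyword_fraction` stays near p no matter how the candidate list is built, which is the code-level version of "the Bernoulli method doesn’t care what attackers know."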
That said, the fight isn’t over, and we explain why in the next section.
The war zone: How is AI fueling password cracking attacks?
In cybersecurity, every defense is countered (eventually).
It’s an uncomfortable truth, given the current threat landscape.
In 2024, researchers from Texas A&M University created PassFilter, a deep-learning framework designed to learn and identify subtle patterns in how humans choose passwords.
And it’s devastatingly effective. Against legacy honeyword generation techniques like tweaking-by-tail or chaffing-with-a-password-model:
- PassFilter was able to identify the real password between 6% and 53% of the time on the very first guess.
- With more attempts, its success rate increased. It could identify real passwords 42% to 97% of the time after five (5) login attempts.
So, how does it work? Essentially, PassFilter employs convolutional neural networks (CNNs) trained on large datasets of real passwords and decoy honeywords. Its processing speed and spatial pattern recognition capacity allow it to distinguish genuine passwords from fake ones with high success rates.
This poses a significant threat to systems relying on honeywords for deception.
But don’t fret: While the password security game just got exponentially harder, you have an ally in your corner.
As AI boosts server-side defenses, how does LastPass protect you now?
According to The Hacker News, businesses continue to struggle with preventing password cracking attacks.
In over 160 million attack simulations conducted within business networks worldwide in 2025, Picus Labs found that password cracking attempts succeeded in 46% of those environments.
To counter, researchers have proposed combining the use of honeywords with video click-based CAPTCHA challenges.
Here’s how it works: When attackers enter a decoy honeyword, the system triggers a video CAPTCHA. The video CAPTCHA acts as a behavioral filter, separating bot actions from human ones. This helps reduce false positives and service interruptions for legitimate users.
As AI boosts server-side defenses with video click-based CAPTCHA challenges, LastPass protects you client-side right now, on your own devices.
If you’re doing business today, LastPass helps you block AI-powered password cracking attempts at the entrance:
- AES-256 encryption: This is military-grade protection, the same one used by the NSA, federal agencies, and the military to protect Top Secret data.
- URL encryption: With LastPass, URLs tied to login credentials are stored in an encrypted state in your vault. And in 2025, you can even get reports to see if users have enabled URL encryption for their vaults.
- Zero knowledge architecture: Our new, purpose-built security architecture is the culmination of several years of dedicated, determined effort to provide world-class security you can depend on. Watch CEO Karim Toubba discuss how LastPass is bringing smarter credential security to businesses at RSAC2025.
With our state-of-the-art transformation, we reaffirm our commitment to your security and privacy through a Zero Knowledge framework. And in the spirit of transparency, you can get close-to-real-time monitoring updates for each of our compliance controls in our new Compliance Center.
Finally, zero knowledge means exactly what you’re thinking: You’re the only one who can decrypt your data. Not even LastPass can access the contents of your vault.
- Key rotation for federated users: As a LastPass Business user, you can also set up a “recurring vault re-encryption” policy. With regular key rotation and vault re-encryption, your business data and intellectual property are kept safe from prying eyes. Your vault security stays rock solid, invalidating old keys with every rotation.
This allows you to protect daily operations and business continuity, giving you (and your customers) peace of mind.
- FIDO2 MFA: Added to the above, FIDO2 MFA with hardware security keys or passkeys is a force multiplier for credential security.
Each login is tied to your device and cryptographic proof of your identity. Even if an attacker tries to use AI methods to break in, they still can’t access your vault contents without your physical device and biometric data.
From cutting-edge encryption to advanced FIDO2 MFA, we make sure your credentials are locked tight, while still being easy for you to manage. Best of all, you can unlock all the above and more with a free Business Max trial today.
Don’t have a business? Enjoy a 30-day LastPass Premium trial.
No credit card registration is required for either because we want you to experience the peace of mind that comes with being a valued LastPass subscriber.
Sources
https://cams.mit.edu/wp-content/uploads/Safe-CAMS-MIT-Article-Final-4-7-2025-Working-Paper.pdf
https://blogs.microsoft.com/on-the-issues/2025/10/16/mddr-2025/
https://www.infosecurity-magazine.com/news/honey-encryption-joins-honeywords-and-honeypots/
https://www.ndss-symposium.org/wp-content/uploads/2018/02/ndss2018_02B-2_Wang_paper.pdf
https://education.nationalgeographic.org/resource/strength-numbers/
https://ieeexplore.ieee.org/document/9833598
https://people.csail.mit.edu/rivest/pubs/JR13.pdf
https://irjiet.com/common_src/article_file/1737617038_3957cb4ed2_9_irjiet.pdf
https://iasj.rdd.edu.iq/journals/uploads/2024/12/08/d10451ce6588a20cbcb7264c2eb1b37f.pdf
https://pdfs.semanticscholar.org/3920/56b275b2579c631135fa26cb97fd8e1dd76e.pdf
https://iasj.rdd.edu.iq/journals/uploads/2024/12/05/11622fbdfe9a4465384c85ce14404cc6.pdf
https://www.ndss-symposium.org/wp-content/uploads/2024-295-paper.pdf
Yes, 16 billion passwords were leaked in June 2025. However, the real threat isn’t passwords but credential stealers. See how Axxor, a global packaging leader, secures access for its entire workforce, and discover why LastPass is the best overall password manager, even for non-technical teams.
In 2025, a new password security approach combines honeywords with video-based CAPTCHA challenges. If an attacker uses bots to enter honeywords, the system triggers a video CAPTCHA challenge. Here’s why it works: While humans can easily understand motion and context, bots struggle to keep up.
Want frictionless, safer logins? Try passkeys with a free trial of LastPass Premium or Business.
A honeyword generation algorithm is used to create fake passwords that look like real passwords. The algorithm tries to mimic typical password patterns to make the decoy passwords look convincing to attackers.
Honeywords are fake passwords stored alongside the real password in a database. When an attacker uses a honeyword, defenders get a breach alert.
Meanwhile, honey encryption is designed to return credible looking but bogus plaintext data for every wrong guess an attacker makes. This essentially makes offline password cracking ineffective.
Honey encryption was introduced by Ari Juels and Thomas Ristenpart at the 2014 Eurocrypt cryptography conference.
So, while honeywords foil authentication attempts, honey encryption thwarts the success of decryption attempts.
The main difference between honeywords and honeypots lies in how they deceive. While honeywords are about using deception during the authentication process, honeypots are about deception via infrastructure traps.
Honeywords are used to detect unauthorized entries, while a honeypot is used to trick attackers into interacting with decoy resources.
A sugarword is the real password stored alongside fake passwords. Meanwhile, sweetwords consist of the sugarword (real password) and the fake passwords (honeywords).