Password must contain a minimum number of characters.
Password must contain special characters.
Password must not have been previously used.
We’ve all been there. Staring at the screen as our attempts to create a strong, secure password are rejected over and over (and over) again.
This ubiquitous password frustration has led many digital travelers to turn to ChatGPT, the Gen AI chatbot that can do everything from write essays to generate code (it’s also a pretty good philosophical conversationalist).
Typing a simple prompt into ChatGPT, like “please create a strong password using my favorite movie trilogy Lord of the Rings,” takes far less mental energy than trying to remember, say, the name of your first pet goldfish.
It’s also pretty effective – producing passwords like “Sh1re@Frodo!RingBear3er” and “G@nd@lf!TheWh!te9Rivendell!#2001.”
So, should you use ChatGPT to create passwords for your online accounts? Is it safe? And why does your password have to be so complicated in the first place?
The science behind a strong password
Passwords are the first line of defense between your online accounts and hackers – they protect everything from your social media to your finances.
Cyber attacks are meant to catch you off guard, distract you, and ultimately exploit any vulnerabilities – like a weak password. Beyond economic consequences, a compromised account can also cause negative emotional and psychological side effects.
But what does “strong” mean when it comes to a password?
A strong password that can secure your accounts is at least 12 characters long and doesn’t include easily identifiable information (date of birth, for example). You should also mix in special characters and numbers for good measure.
Entropy, a measure of unpredictability, is particularly important when it comes to passwords. A high entropy can be achieved by a number of factors, including adding special characters and numbers and using longer passphrases. Measured in bits, the higher the entropy score, the stronger the password.
What ChatGPT can’t do
If you’ve tried ChatGPT out for yourself, you’ll notice the last line of text reads, “Please make sure you store this securely!” Even AI knows that a strong password is useless if it’s not kept safe – and it won’t be kept safe with ChatGPT.
And safe also doesn’t mean a sticky note or an Excel file. And it certainly doesn't mean trying to remember that password. Because the reality is, we’re not talking about securely storing just one password.
Think about all the accounts you use on a daily basis. If you start your day scrolling Instagram, then you’re already at one. These start to add up – ordering lunch from Grubhub, buying a new song on iTunes, scheduling a haircut on Vagaro – as do the passwords.
And to keep hackers out and your data secure (credit card numbers and addresses), each account needs a unique password. A reused password increases the risk of a hack. Like a key that works for every door of your house, that one password can open all your accounts.
What a password manager can do
So, should you use ChatGPT to create passwords?
Can ChatGPT create a password with high entropy (unpredictability)?
Think about this: If you and someone on the other side of the world put in the same ChatGPT prompt to create a strong password, how could you guarantee that you wouldn’t get the same response, i.e., the same password? You couldn’t.
Can ChatGPT securely store your passwords?
Nope (just ask it).
A strong, securely stored password, however, can be achieved with a password manager. (Even ChatGPT recommends one when prompted.)
A password manager generates a unique and strong password (outside of your master password) every time you make a new account with a built-in password generator. This password is then saved in an encrypted vault that’s only accessible to you, significantly reducing the risk of compromised credentials.
You can access your passwords on any device and then autofill them the next time you need them. With a password manager, your accounts are safe and accessible wherever you go.
ChatGPT might be a fun shortcut, but a password manager does all the work of creating, remembering, and filling in those passwords for you. It’s a one-stop shop to protect your digital identity.
Skip the chatbot and get a password manager.
