“LLM-generated passwords…appear strong, but are fundamentall...

Advertise here with Carbon Ads

Socials & More

This site is made possible by member support. 💞

Big thanks to Arcustech for hosting the site and offering amazing tech support.

When you buy through links on kottke.org, I may earn an affiliate commission. Thanks for supporting the site!

kottke.org. home of fine hypertext products since 1998.

Beloved by 86.47% of the web.

🍔 💀 📸 😭 🕳️ 🤠 🎬 🥔

posted Apr 1 @ 07:42 PM by Jason Kottke · gift link

“LLM-generated passwords…appear strong, but are fundamentally insecure, because LLMs are designed to predict tokens – the opposite of securely and uniformly sampling random characters.”

Vibe Password Generation: Predictable by Design - Irregular · irregular.com

LLM-generated passwords appear strong, but are fundamentally insecure. Testing across GPT, Claude, and Gemini revealed highly predictable patterns: repeated passwords across runs, skewed character distributions, and dramatically lower entropy than expected. Coding agents compound the problem by some