AI Password Cracking in 2025: What Large Language Models Changed
AI-assisted password cracking is not about brute force anymore — it is about pattern prediction. Here is what PassGAN, PersonGAN, and LLM-assisted attacks actually do.
What AI actually changed about password cracking
AI didn't make brute force faster — that's a GPU problem, not an AI problem. What AI changed is the smarter end of the attack spectrum: guessing passwords based on patterns, personal information, and behavioural tendencies rather than exhaustive search. The threat is more targeted and more effective against the category of passwords humans actually choose.
PassGAN: learning password patterns from breach data
PassGAN (Password Generative Adversarial Network), published in 2019 and improved since, trains on leaked password datasets to learn the statistical distributions of how humans construct passwords. It generates novel password candidates that match the style of real passwords more closely than traditional dictionary attacks.
In evaluations against the RockYou dataset, PassGAN matched or exceeded traditional rule-based tools on passwords that didn't appear in standard dictionaries — particularly for passwords that followed common human patterns (keyboard walks, leet substitutions, word+number+symbol structures) without being in any wordlist.
PersonGAN and targeted attacks
More concerning for high-value targets is PersonGAN and similar personalised attack approaches. These incorporate publicly available personal information — name, birthdate, location, family members, interests — to generate a personalised candidate list. Against targets who use any personal information in their passwords, personalised AI attacks dramatically outperform generic dictionary attacks.
This is why "secure but memorable" passwords built around personal facts are a category error. Your dog's name plus your birth year plus an exclamation mark is not a secure password because it's easy to remember — it's the exact pattern that personalised AI attacks are optimised for.
What AI-enhanced cracking cannot beat
Cryptographically random passwords and passphrases remain AI-resistant, because they have no pattern. A password generated by crypto.getRandomValues() from a 95-character pool contains no information about you, no keyboard walk, no substitution pattern. There is nothing for an AI model to learn from and nothing to exploit.
PassGeni's entire architecture is built on this: FIPS 140-3 compliant randomness, no predictable seeding, DNA Score verification that specifically flags pattern-suggestive characters. The Profession-aware seeding adds memorability markers without reducing the cryptographic randomness of the rest of the character pool.