Don’t trust AI with this security essential • Blisstech Solutions

Let me start with a question: If you needed a strong password, would you ask AI to generate one for you?

It sounds reasonable enough. 

Tools like ChatGPT and Copilot can write reports, draft emails and even create bits of code. Asking them for a 16-character password packed with symbols and numbers feels like a smart shortcut.

But you might want to rethink that. 

Researchers recently tested AI tools by asking them to generate secure passwords. 

On the surface, the results looked great. Long strings of mixed-case letters, numbers and symbols. 

When checked using online password strength meters, they scored highly. Some tools even suggested it would take centuries to crack them.

But when those passwords were analysed properly, a different picture emerged.

AI systems are powered by something called a large language model, or LLM. That means they’re trained to predict what text should come next. They’re brilliant at producing text that looks natural and plausible.

What they are not designed to do is create true randomness.

And strong passwords rely on randomness.

When researchers examined dozens of AI-generated passwords, they found repeating patterns. Some passwords were duplicates. Many followed very similar structures. 

Interestingly, none of them contained repeating characters. 

That might sound like a good thing, but real randomness often includes repetition. The absence of it suggests the password is following learned rules rather than being generated unpredictably.

The researchers measured something called “entropy”, which is a technical way of describing how unpredictable something is. 

AI-generated passwords scored far lower than a genuinely random 16-character password should. 

That means they could be much easier to crack using a brute-force attack, where attackers try huge numbers of combinations very quickly.

Online password checkers don’t catch this because they only look at visible complexity. 

They see symbols and numbers and assume it’s secure. They don’t account for the hidden patterns created by AI.

Even newer models like Gemini 3 Pro have issued warnings when asked to generate passwords, advising people not to rely on chat-generated credentials for sensitive accounts. 

That should tell you something.

If you want properly secure passwords, use a password manager with a built-in generator. 

These use cryptographic randomness, in other words, mathematical processes specifically designed to create unpredictable results.

AI is an excellent productivity tool. But when it comes to security essentials like passwords, it’s the wrong tool for the job.

If you’d like help choosing the right password manager for your business, get in touch. 

More Content

What is Proactive Monitoring and how can it protect your business?

How proactive monitoring will help your business weather any storm. You are the captain of your business's ship. You have a loyal and skilled team behind you. You are ready for any challenge! Or so you thought. Then, one day, without warning, a vast digital monster...
Microsoft finally fixes these Teams issues

Microsoft finally fixes these Teams issues

Notice how tiny tech quirks can disrupt an otherwise productive day?
Some long-requested fixes are finally rolling out in Microsoft Teams.
The kind of changes that remove those everyday irritations you’ve probably stopped complaining about because “that’s just how it is”.
But not for much longer…

What to do when disaster strikes: Creating an Incident Response Plan

Your business has firewalls, the latest security software, multi-factor authentication, and, of course, uncrackable passwords. You may even have Cyber Essentials—high five. But… It’s still not enough to protect you from 100% of cyber attacks. Completely watertight...
Don’t sleep on this simple, effective security booster

Don’t sleep on this simple, effective security booster

Microsoft’s enforcing an extra layer of security for logins to one of its tools. Even if you don’t use it, you should follow their lead and implement this security booster in your business.

How to get the most from Microsoft Teams

Is your business struggling with too many emails, lost files, and “final_final_v3” documents? Teams could be a game changer. Yep, it does more than just video calls.  For example, you can also: Chat with your employees Host webinars Share and edit files together Keep...
Woman sitting at her computer with her head in her hands

Protecting your data – Backup and Restore

Protecting your data - Backup and Restore Backing up your business data is critical. What are the different methods of backing up your data? How can you restore lost or corrupted data? These are all important questions for any business to ask themselves. After reading...
Is Wi-Fi 7 worth the investment?

Is Wi-Fi 7 worth the investment?

Is upgrading to Wi-Fi 7 the right investment for your business? We look at the pros and cons of the next-gen wireless connection.

How to create secure passwords

How to create secure passwords

Weak passwords are one of the biggest security risks to your business.
Why?
Because cyber criminals are getting smarter than ever before. If they manage to crack just one password, they could gain access to your sensitive business data, financial information, or even gain control of your entire system.
Cyber criminals use automated tools to guess passwords, allowing them to try out millions of combinations in seconds. So, if you’re using something like “Password123” or “CompanyName2025”, you’re practically handing them the keys to your business.
A compromised password can lead to big issues, such as:
• Data breaches
• Financial losses
• Identity theft
• Reputation damage
But how do you create strong passwords without driving yourself (and your team) mad?
Think of your password like a secret recipe, where only you should know the ingredients. It should:
• Be at least 14 characters long (the longer, the better)
• Include a mix of uppercase and lowercase letters
• Contain a few numbers and symbols (like @, $, %, or &)
• Not contain any common words or easily guessable information (like birthdays, names, or the word “password”)
Instead of using a single word, you could try a passphrase – a short, random sentence that only you would understand. For example, instead of “Sailing2025”, try something like “Coffee&CloudsAreGreat9!”. This is much harder to crack, yet still easy to remember.
You should also steer clear of these common mistakes:
• Using personal info (your name, birthday, business name, etc.)
• Reusing the same passwords across multiple accounts
• Using simple sequences (“123456” or “abcdef”)
• Storing passwords in an easily accessible place (like a sticky note on your desk)
If remembering unique passwords for every account sounds impossible, there is another option: Password managers. These generate strong passwords, store them securely and autofill them for you.
With a password manager, you only need to remember one strong master password for the manager app itself. The rest are encrypted and stored safely, reducing the risk of data breaches.
Even the strongest password isn’t foolproof, which is why multi-factor authentication (MFA) is also important. MFA requires a second form of verification, like a one-time code sent to your phone or generated from an authentication app.
If you have employees accessing your business systems, it’s a good idea to have a password policy in place to explain your rules and why they’re important. This should include:
• Unique passwords for each system and account
• Regular security training on password best practices
• Business-wide use of MFA for critical systems
• Scanning for compromised passwords regularly
By making password security a priority, you can reduce the chances of a cyber attack creating a nightmare for your business.
And if you need help making your business more secure, get in touch.

Are you really downloading Zoom – or is it malware?

When you think about tools for remote working and chatting online, one of the first names in your mind is Zoom. But its popularity has opened the door for cyber criminals. They’re using its name to steal sensitive data. Researchers have discovered at least six convincing-looking download sites. They’re not the real thing. They’re designed […]

Cloud server hacks video thumbnail

Make sure your cloud server is protected from this

Using a cloud server to drive your business’s technology is a smart idea. The benefits are huge. You can use as little or as much storage as you need, without having to worry about limitations or huge bills. Perfect for growing businesses. Your team can access any...
Share This
Contact
Love Lane
Cleobury Mortimer
Shropshire DY14 8PE

01299 382 321
[email protected]
Copyright © Blisstech Solution Ltd
Registered No: 08125391 VAT No : 307 5490 05