How AI Can Easily Crack Passwords, And What People Should Do To Remain 'Safe'

On the internet, where practically everyone is a stranger in a vast public digital space, the only thing that distinguishes one person from another is their credentials.

Entering the correct email and password combination on the correct platform grants access to whoever entered those credentials.

Things are actually that simple.

This fact makes users' credentials a valuable commodity. Hackers do all they can to get their hands on this information for various nefarious purposes, including but not limited to stealing data or money, account hijacking, extortion and other forms of scams, and spam.

For these bad actors, it's easy to trace or track someone's email address. The same does not apply to passwords.

Passwords are much more difficult to obtain, because people know that they have to protect this secret at all costs.

This is why hackers may launch what's called a "brute force" attack on a target's account in a bid to gain access.

Keys

Traditionally, cracking a "normal" password would take anywhere from a few seconds to trillions of years.

How long depends on how strong the password is.

Stronger passwords combine upper and lowercase letters, numbers and symbols. The longer the password, the stronger it becomes as well.

It also depends on the resources of the hackers: the more powerful the computers and the more sophisticated the tools they use, the faster they can crack the password. And if the hackers manage to obtain other sensitive information about their targets, such as a target's date of birth, the cracking becomes easier still.

But apparently, mere algorithms pale in comparison to artificial intelligence.

Thanks to AI, even industrial-strength passwords may not be as hacker-proof as many people thought.

This is because AI-based "password guessing" platforms, trained using a password generative adversarial network, were found to crack 51% of the common passwords they attempted in less than 60 seconds.

They could crack 65% of such passwords in less than an hour, 71% in less than one day, and 81% of common passwords in under one month.

According to one of these platforms, PassGAN, the AI is able to "autonomously learn the distribution of real passwords from actual password leaks."


Figure: AI cracking passwords in 2023 (PassGAN)

According to a report from Home Security Heroes, those who wish to protect themselves from an AI "password guessing" platform have to make their passwords at least 12 characters long.

This is to prevent AI-powered password crackers from "instantly" guessing the target's password.

Even so, a 12-character password made up of only numbers can be cracked in under 25 seconds, which isn't very long.

However, by also using upper and lower case letters, chances are the AI will require an additional 289 years to guess the password.

And if people use numbers, upper and lower case letters, and symbols, their password could be safe from AI for about 30,000 years.

Longer passwords are much safer as well.

It's said that an 18-character password using lowercase letters only could be safe from AI for 22 million years.

And if uppercase letters are added, that protection extends to 7.23 billion years, according to the study.

Maxing out with a combination of numbers, upper and lowercase letters, and symbols would significantly extend the duration to 6 quadrillion years.

Figure: PassGAN, overview of a GAN

But again, those numbers are subject to change.

If the AI is trained to be more powerful and capable, and runs on more powerful computers, it should return answers more quickly. And if hackers also use social-engineering tricks, results should come faster still.

Another way to remain safe on the web is by using two-factor authentication (2FA).

When people sign up to an app that has 2FA enabled, a code or a prompt is sent to their phone. They need to interact with this alert in order to grant or deny access.

Another way is to never use the same password for multiple accounts and apps. Whenever possible, people should use auto-generated passwords and update their passwords often, especially for banking and other financial apps.
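The length and character-set advice and the auto-generated password advice above can both be checked with a short script. This is an added example, not code from the article or the Home Security Heroes report: it sizes the exhaustive-search space for a password and draws a random one with Python's `secrets` module. The guess rate is an assumed placeholder, so the years it prints will not match the report's figures.

```python
import math
import secrets
import string

# The four character classes the article lists.
CLASSES = {
    "digits": string.digits,
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "symbols": string.punctuation,
}
# ASSUMPTION: offline guess rate chosen for illustration; not a figure from the report.
ASSUMED_GUESSES_PER_SECOND = 1e10
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def alphabet_size(password):
    """Total size of every character class that appears in the password."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))


def keyspace_bits(password):
    """log2 of the candidates an exhaustive search over those classes must cover."""
    size = alphabet_size(password)
    return len(password) * math.log2(size) if size else 0.0


def worst_case_years(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """Years to try every candidate at the given rate (only meaningful for random passwords)."""
    return 2 ** keyspace_bits(password) / rate / SECONDS_PER_YEAR


def generate_password(length=16):
    """Draw a password from a CSPRNG, retrying until all four classes appear."""
    if length < 12:
        raise ValueError("use at least 12 characters, the minimum the article cites")
    alphabet = "".join(CLASSES.values())
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if alphabet_size(candidate) == len(alphabet):
            return candidate


if __name__ == "__main__":
    # Constructed sample passwords, plus one freshly generated.
    for sample in ("123456789012", "abcdefghijkl", "aB3!aB3!aB3!", generate_password()):
        print(f"{sample!r}: {keyspace_bits(sample):.1f} bits, "
              f"{worst_case_years(sample):.3g} years worst case")
```

The estimate only holds for passwords chosen at random: a human-chosen password that mixes all four classes but follows a common pattern can still be guessed early by a model trained on leaked passwords, which is why the generated password is the safer choice.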

Additionally, people are advised never to remain logged in to financial and other sensitive apps, and to avoid using public Wi-Fi when using those apps.

In the modern era of mobile and internet, where people do so many things using these technologies, losing data can be catastrophic.

At first glance, it might seem like hard work to keep passwords safe, but it is well worth the effort to prevent an attacker from breaking into important apps and accounts.
