Skip to content

Should you use AI to generate passwords

By the Password Rangers teamUpdated 6 min read

No. Asking ChatGPT or any other AI chatbot for a password is one of the worst ways to make one. Large language models predict likely text, which is the exact opposite of randomness. Testing published in February 2026 showed that AI-generated passwords repeat constantly and follow patterns attackers can exploit. The password also ends up in a chat log.

None of this means AI is useless for security. It means there is one specific job, minting the secret itself, that a prediction engine must never do. Here is the evidence, the reason it happens, and what to use instead.

What the 2026 research found

In February 2026, researchers asked a leading AI model for a password 50 times and got back only 23 unique results. More than half the responses were repeats of passwords the model had already handed out. When testers ran cracking tools against batches of AI-generated passwords, they broke a large share of them quickly.

This was not a surprise to anyone watching the space. Security firms had been warning about it for years. Keeper Security flagged the problem back in 2024: passwords from chatbots look strong at a glance but are assembled from a small set of predictable ingredients, so they fall to pattern-aware cracking far faster than their length suggests.

The uncomfortable part is that these passwords pass casual inspection. They have mixed case, a digit or two, a symbol, often 12 to 16 characters. A strength meter that only looks at composition, like the checker on our homepage, can only tell you how a password is built, not how many other people received the same one. A password that 49 other users also got is not a secret, no matter how it scores.

Why language models can't do random

A language model works by predicting which text is most likely to come next, based on patterns in its training data. Randomness has no patterns, so a model literally cannot produce it. When you ask a chatbot for a random password, you get its best imitation of one, sampled from everything it has seen humans call a password.

That training data pushes the output toward memorable-looking structures. A capitalized dictionary word, a number, an exclamation point at the end. Recent years like 2024 and 2025 show up constantly. So do words like Dragon, Secure, and Sunshine, because those are the words that appear near the word "password" in text scraped from the internet.

There is also a mechanical limit. A proper generator calls a cryptographically secure random number generator, in a browser that means crypto.getRandomValues, and picks each character independently. A chatbot cannot call that function by talking to you. It can write the word "random" in its reply, but the characters it outputs are still predictions.

The fatal flaw is scale. Millions of people type nearly identical prompts, "give me a strong 16 character password," into the same handful of models, and the outputs overlap. Attackers can run those same prompts thousands of times, harvest the results, and build wordlists of everything the models tend to produce. Your "unique" password may already be on one.

The chat transcript problem

Any password a chatbot gives you exists in at least two places you don't control: the provider's servers and your chat history. Depending on the service and your settings, that transcript may be retained for years, reviewed by staff, or used to train future models. You have no way to audit which of those happened.

Even under the friendliest privacy policy, you have converted a secret into a record. Compare that with a client-side generator, where the password is created inside your own browser and never travels anywhere. Our strong password generator works exactly that way: zero network requests during generation, which you can confirm yourself in the DevTools network tab. We walk through that verification in our guide to online generator safety.

What AI chat is actually good for

AI assistants are fine for questions about passwords and terrible at producing them. Use one to explain a policy, compare tools, or plan an account cleanup. The line is easy to draw: a chatbot can talk about secrets all day, but it should never create one.

Reasonable uses:

  • Explaining what NIST SP 800-63B actually requires, such as the 15 character minimum for password-only accounts.
  • Comparing password managers and their trade-offs for your situation.
  • Explaining why honest answers to security questions are weak, and why the fix is a random string stored in your manager (generated by a real generator, not the chatbot).

Things a chatbot should never mint: passwords, passphrases, PINs, recovery codes, API keys, or any other value whose entire worth depends on nobody else being able to guess it.

What to use instead

Use a generator that runs a cryptographically secure random number generator in your own browser, store the result in a password manager, and turn on MFA. Every character then comes from crypto.getRandomValues instead of a prediction engine, so the odds of any two users ever seeing the same password are astronomically small.

A random 16 character password with letters, digits, and symbols carries about 103 bits of entropy. At 10 billion guesses per second, an offline attacker needs about 14 trillion years on average. For something you'll type by hand, our passphrase generator draws words from the EFF wordlist by the same cryptographic method; six words is about 62 bits, plenty for any rate-limited login. CISA recommends 16 or more characters, or a passphrase of 4 to 7 unrelated words, alongside a manager and MFA. Our guide on how to create a strong password puts the whole setup in order.

There is a small irony worth savoring here. Ask a current AI assistant for a password and the better ones now decline and point you to a dedicated generator instead. The chatbots have read the research too. Take the hint they are giving you.