A couple days ago I heard the horrifying sentence “I asked chatgpt to generate a secure password for the laptops” from someone returning a cart full of laptops they borrowed. Does your browser not have a built in password generator? Does your password manager not have a built in password generator? Could you not find a single password generator online?
I asked ChatGPT (I use a third-party frontend, so I don’t have a paid subscription. API prices mean they probably got paid like one cent for this, if that.) “Generate a list of 10 secure passwords.” like 5 times and it regularly re-used the words Saffron, Comet, Marigold, Harbor, Lynx, and Cobalt multiple times across all of them, sometimes even inside the same list.
There was also a theme of using names for animals and natural geographic/geological features.
Oh, and for one of the passwords it genuinely just said “raven” and nothing else 😭
A couple days ago I heard the horrifying sentence “I asked chatgpt to generate a secure password for the laptops” from someone returning a cart full of laptops they borrowed. Does your browser not have a built in password generator? Does your password manager not have a built in password generator? Could you not find a single password generator online?
And of course not only is that unnecessary, but insecure since your password is immediately in the chatgpt logs
And it’s not even a random or strong password! LLMs can’t randomly generate 'em
I asked ChatGPT (I use a third-party frontend, so I don’t have a paid subscription. API prices mean they probably got paid like one cent for this, if that.) “Generate a list of 10 secure passwords.” like 5 times and it regularly re-used the words Saffron, Comet, Marigold, Harbor, Lynx, and Cobalt multiple times across all of them, sometimes even inside the same list.
There was also a theme of using names for animals and natural geographic/geological features.
Oh, and for one of the passwords it genuinely just said “raven” and nothing else 😭
😭🙏
Lol, yes. It’s probably the same example of a secure password it gave to a hundred other people.
And very likely to be the same “strong password” that someone else would get if they asked for one.
In plain text
this… is an unexpected level of absurdity