Most people still use passwords like 1234, password, admin, qwerty, or small variations of them. We all know this. But AI makes this problem much worse. This is not about brute force anymore. AI does not try every combination. It predicts what humans are likely to choose. Based on language habits, keyboard patterns, leaked datasets, and common substitutions, AI can guess passwords in ways that feel uncomfortable fast. Capital letter at the start. Number at the end. Year of birth. Same pattern everywhere. I recently tested a small tool that simulates this idea. It does not ask for your real password. It just shows how predictable human choices are when AI models human behavior instead of math only. What scared me is not the tool itself. It is how weak our mental model of password strength still is. Length and symbols mean nothing if the structure is human obvious. If AI is already this good now, password based security alone feels outdated. Curious how others here think about this. Especially people working with auth systems or threat modeling. For reference, this is the tool I tested so you can see what I mean.

What cancer is this website ? I wouldn't trust this website with my first name. Adult ads pop up like I'm on a sketchy movie piracy site.

edit: also asks to send you notifications. Why ?

website is trash, but so is the password guessing that it produces.

Cool take, but password security IS outdated since long before AI, I think the new really scary part is target selection - crawl Linkdin and FB and send personalized attacks - what works for advertising also works for phishing (after all they are basically the same thing ;)