This is a good question and your curiosity is appreciated.
A password that has been properly hashed (the thing they do in that Avalanche Effect Wikipedia entry to scramble the original password in storage) can take trillions of years to crack, and each additional character makes that number exponentially higher. Unless the AI can bring that number to less than 90 days - a fairly standard password change frequency for corporate environments - or heck, just less than 100 years so it can be done within the hacker’s lifetime, it’s not really going to matter how much faster it becomes.
The easier method (already happening in fact) is to use an LLM to scan a person’s social media and then reach out to relatives pretending to be that person, asking for bail money, logins etc. If the data is sufficiently locked down, the weakest link will be the human that knows how to get to it.
This is a good question and your curiosity is appreciated.
A password that has been properly hashed (the thing they do in that Avalanche Effect Wikipedia entry to scramble the original password in storage) can take trillions of years to crack, and each additional character makes that number exponentially higher. Unless the AI can bring that number to less than 90 days - a fairly standard password change frequency for corporate environments - or heck, just less than 100 years so it can be done within the hacker’s lifetime, it’s not really going to matter how much faster it becomes.
The easier method (already happening in fact) is to use an LLM to scan a person’s social media and then reach out to relatives pretending to be that person, asking for bail money, logins etc. If the data is sufficiently locked down, the weakest link will be the human that knows how to get to it.