Article Details

Use this AI chatbot prompt to create a password-exclusion list. One of the most successful forms of password breaches occurs when hackers simply guess commonly used passwords. And while organizations often invest in advanced security measures, they sometimes overlook this basic level of protection.  Creating a custom dictionary can help prevent employees from using passwords that are likely to be guessed. Here’s what your business needs to know about what makes a good password dictionary and how an AI tool like ChatGPT can help you brainstorm potentially vulnerable passwords. Why users choose weak passwords A user doesn’t set out to select a weak password intentionally — they simply choose a password they can easily remember, often using company names, dates, or simple phrases. Attackers take advantage of this by launching dictionary attacks, pairing automated tools with word lists to quickly test thousands of password variations. What makes an effective password dictionary A password dictionary blocks users from selecting known weak passwords. It contains: Using AI to create your dictionary Want some help creating your custom dictionary? Consider using ChatGPT or similar AI tools to speed up the process. Here’s how to make it happen, including sample prompts: Get known weak passwords Ask the AI to list widely used password databases like HaveIBeenPwned and DeHashed. These databases show which passwords attackers already know and target. Sample prompt: Can you please give me a list of databases that collect passwords that are known to be breached? Add company-specific terms The AI needs specific details about your organization to generate relevant password patterns. Here's how to structure your request: Sample prompt: I want to create a custom dictionary to help prevent employees from using easily guessed passwords. Our company, ACME Corporation, is based in Dover, Delaware. Our main products are the ACME app, the ACME widget, and the ACME platform. Can you please create a list of weak passwords our employees may be using? The AI will analyze different categories, including:   Generate password variations After you've added company-specific terms, ask the AI to generate predictable variations users might create. Here's how to get comprehensive results: Sample prompt: "Using these company terms [list your terms], please generate all common variations that meet basic password requirements. Include number patterns, special characters, capitalizations, and combinations." The AI will generate variations like: Managing your password dictionary Like other aspects of cybersecurity, managing your password dictionary isn’t a one-time event; it should be an ongoing process. Update your dictionary, adding new company terms whenever you launch products or start projects. Check your logs for failed password attempts to identify patterns users are trying. And ensure you review your dictionary quarterly to remove outdated terms and add new variations. Additional password protection Password dictionaries can enhance your security but can’t single-handedly protect your organization. To reduce your organization’s vulnerabilities, use password dictionaries along with other security measures, including:  Integrating password security tools For the greatest level of protection, consider using a tool that combines custom dictionaries with breach monitoring. For example, Specops Password Policy allows you to easily create and import a customized list of banned passwords, then continuously checks your Active Directory against that list and an always-updated list of over four billion breached passwords. By using a tool like Specops Password policy, your organization can automatically block compromised passwords, helping keep your people, your systems, and your data safe. Get in touch and we can set you up with a free trial. Sponsored and written by Specops.