Why LLM-Generated Passwords Are Dangerously Insecure (irregular.com) AI

The article argues that passwords generated directly by LLMs are insecure because token-prediction mechanisms produce non-uniform, repeatable character patterns rather than true randomness. Tests across major models find strong-looking passwords with predictable structure, frequent repeats, and character distribution biases that reduce real-world strength. It recommends avoiding LLM-generated passwords and instead using cryptographically secure generators or instructing coding agents to do so.