Nothing about LLMs is random, how is this not common sense? If you prompt it the same prompt 50 times, it'll always converge towards the most plausible answer in its training based on probability, and most of them will follow the first pattern. The paper mentions using different chats for each of the 50 prompts and using the first password suggested and then finding similarities between them. Would it be the same if the LLM had context and did not always have to use a new chat? I highly doubt it.
Overall, yeah don't generate passwords with LLMs but is this really a surprise that answers are simillar for the same prompt in every new chat with a LLM?
simedw ~ $ claude -p "random number between 1 and 10"
7
simedw ~ $ claude -p "random number between 1 and 10"
7
simedw ~ $ claude -p "random number between 1 and 10"
7
simedw ~ $ claude -p "random number between 1 and 10"
7
This doesn't seem surprising, but I also don't think it's that important. First, how do they stack up against humans creating supposedly random passwords? Are they better than my "favourites"? Second, is the relative strength of a password - beyond trivial - the crux problem here? It seems a msitake to focus on "strongest password ever" when people are using simple passwords, sharing passwords or resources aren't even secured at all. Sure, don't use an LLM to generate your password, but let's take care of the basics and not over-focus on looking for more reasons to hate LLMs.
If you say: "Generate a strong password", then Claude will do what's reported in the article.
If you say: "Generate a strong password using Python", then Claude will write code using the `secrets` module, execute it, and report the result, and you'll actually get a strong password.
To get good results out of an LLM, it's helpful to spend a few minutes understanding how they (currently) work. This is a good example because it's so simple.
Random sampling works well in base (true unsupervised) models, being only limited by their input distribution it's sampling from, I guess you can vaguely call that "sufficiently random" for certain uses, e.g. as a source of linguistic diversity. Any post-training with current methods will narrow the output distribution down, this is called mode collapse. It's not a fundamental limitation but it's hard to overcome and no AI shops care about it. Annoying LLM patterns in writing and media generation is a result of this.
11 comments
[ 5.2 ms ] story [ 47.5 ms ] threadOverall, yeah don't generate passwords with LLMs but is this really a surprise that answers are simillar for the same prompt in every new chat with a LLM?
For example:
tr -cd "[:alnum:]" < /dev/urandom | fold -w 20 | sed 10q
Change "alnum" to "print" to get other characters. This will generate 10 20 characters passwords.
If you say: "Generate a strong password using Python", then Claude will write code using the `secrets` module, execute it, and report the result, and you'll actually get a strong password.
To get good results out of an LLM, it's helpful to spend a few minutes understanding how they (currently) work. This is a good example because it's so simple.
However, "make my a python script the generates a random password" works.
Skill issue.
Some early testing I found that injecting a "seed" only somewhat helped. I would inject a sentance of random characters to generate output.
It did actually imrpove its ability to make unique content but it wasn't great.
It would be cool to formaile the test for something like password generation.