Don’t ask AI to make your firm’s passwords

AI is useful for a lot of legal work. Generating passwords is not on the list.

Arthur Gaplanyan

If your associates are using ChatGPT or Copilot to clean up a brief or summarize a deposition transcript, asking it for a strong password to use on the firm’s Clio login feels like a natural next step. Sixteen characters, a mix of letters, numbers, and symbols. Looks great.

Don’t do it. Not for Clio, not for NetDocuments, not for the trust account portal, not for the e-filing login. Not for anything that touches client data.

Security researchers at Irregular tested this in February 2026. They asked the major AI tools, including ChatGPT, Claude, and Gemini, to generate passwords. Fifty times each, in fresh conversations. The results looked strong at a glance. They were not. And for a firm already short on time, this is the kind of shortcut that quietly creates a confidentiality exposure nobody notices until there is a breach, an insurance questionnaire, or a client asking uncomfortable questions.

Why AI is the wrong tool for this

A password is only as strong as it is unpredictable. That is the whole game. Real password generators use what is called a cryptographically secure random number generator, which is built specifically to produce output that nobody can predict.

AI works the opposite way. The technology behind ChatGPT, Copilot, Claude, and the rest is called a large language model. Its entire job is to predict what comes next based on patterns it learned from training data.

That is the wrong tool for generating passwords. Asking AI to be random is like asking a card counter to draw a random card. They can try, but their training pulls them toward patterns.

What the research found

In fifty runs asking Claude Opus 4.6 for a password, the same password came back eighteen times. Not similar passwords. The exact same one: G7$kL9#mQ2&xP4!w. That single password showed up in 36% of attempts.

Across all the models tested, passwords showed obvious patterns. They almost always started with the same few characters. Certain letters showed up in every single password while most of the alphabet never appeared. None of them had repeating characters, which sounds like a good thing but isn’t. Real randomness includes repetition. The absence of it is a giveaway that something rule-based is happening behind the scenes.

The trouble is that none of this shows up in an online password strength checker. Those tools look at length and character variety. They don’t see hidden patterns. So a password like G7$kL9#mQ2&xP4!w gets graded as taking centuries to crack, when in reality an attacker who knows it came from an AI is guessing from a much smaller pool than the password’s length suggests.
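To make the two preceding points concrete, here is a worked example added to this article; it is not code from the article, from Irregular's research, or from any password manager. It shows what a generator built on a cryptographically secure random number generator looks like (Python's `secrets` module draws from the operating system's CSPRNG), derives how often genuinely random 16-character passwords should contain a repeated character, and measures the tells the research describes (one password dominating the runs, no repeated characters, a narrow slice of the alphabet, the same opening characters) over two batches. One batch comes from the CSPRNG; the other, `constructed_ai_like_sample`, is a constructed list built only to reproduce the article's headline figures (18 of 50 runs returning G7$kL9#mQ2&xP4!w), not real model output.

```python
import math
import secrets
import string
from collections import Counter

# Alphabet a password-manager-style generator draws from: 52 letters, 10 digits,
# 32 punctuation characters = 94 symbols.
ALPHABET = string.ascii_letters + string.digits + string.punctuation

# The password the article reports coming back 18 times out of 50 runs.
REPORTED_PASSWORD = "G7$kL9#mQ2&xP4!w"


def generate_password(length: int = 16, alphabet: str = ALPHABET) -> str:
    """Draw each character independently from the OS CSPRNG via the secrets module.

    Uniform, independent draws mean a character may repeat inside a password and
    the same character may land at the same position in several passwords.
    That is what genuine randomness looks like.
    """
    return "".join(secrets.choice(alphabet) for _ in range(length))


def expected_repeat_fraction(length: int, alphabet_size: int) -> float:
    """Fraction of truly random passwords that contain at least one repeated character.

    P(all distinct) = prod_{i=0}^{length-1} (alphabet_size - i) / alphabet_size,
    the same calculation as the birthday problem. For 16 characters over 94
    symbols this is about 0.26, so roughly three in four random passwords
    should contain a repeat.
    """
    p_distinct = 1.0
    for i in range(length):
        p_distinct *= (alphabet_size - i) / alphabet_size
    return 1.0 - p_distinct


def analyze_sample(passwords: list[str]) -> dict:
    """Measure the tells described in the article over a batch of passwords."""
    n = len(passwords)
    _, top_hits = Counter(passwords).most_common(1)[0]
    seen = set("".join(passwords))
    return {
        # Share of runs that returned the single most common password (36% in the article).
        "duplicate_rate": top_hits / n,
        # Share of passwords containing at least one repeated character (0 in the AI output).
        "repeat_fraction": sum(1 for p in passwords if len(set(p)) < len(p)) / n,
        # Share of the allowed alphabet that ever appears anywhere in the batch.
        "alphabet_coverage": len(seen & set(ALPHABET)) / len(ALPHABET),
        # Number of distinct opening characters; the article notes the same ones recur.
        "distinct_first_chars": len({p[0] for p in passwords}),
        # Empirical min-entropy: -log2 of the best single guess's success rate.
        # Capped at log2(n) for a batch of n, so it is a lower-bound check, not a proof.
        "min_entropy_bits": -math.log2(top_hits / n),
    }


def constructed_ai_like_sample() -> list[str]:
    """A constructed 50-password batch reproducing the article's headline figures.

    This is NOT real model output. It holds REPORTED_PASSWORD 18 times plus 32
    variants that share its first twelve characters and its "!w" ending, drawn
    from a narrow alphabet, with no character repeated inside any password.
    """
    prefix = REPORTED_PASSWORD[:12]  # "G7$kL9#mQ2&x"
    variants = [prefix + letter + digit + "!w" for letter in "RTYUVNBZ" for digit in "3568"]
    return [REPORTED_PASSWORD] * 18 + variants


if __name__ == "__main__":
    random_sample = [generate_password() for _ in range(400)]
    print("theoretical repeat fraction, 16 chars over 94 symbols:",
          round(expected_repeat_fraction(16, len(ALPHABET)), 3))
    print("CSPRNG batch:", analyze_sample(random_sample))
    print("constructed AI-like batch:", analyze_sample(constructed_ai_like_sample()))
```

Run it and the two batches separate cleanly: the CSPRNG batch has no duplicate passwords, about three quarters of its passwords contain a repeated character, and every one of the 94 symbols appears; the constructed batch reports a 36% duplicate rate, zero passwords with a repeat, a single opening character, and under a third of the alphabet in use. None of those figures is visible to a length-and-variety strength checker, which is exactly the gap the article describes.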

Why this matters more for a firm than for most businesses

Pull the chain through to a firm context and the exposure looks different than the general case. The credentials sitting behind the firm’s daily work protect client files, work product, calendaring with court deadlines, trust account access, and email that is privileged on its face. The duty to protect that information is not a best practice. It is the duty of confidentiality. Under the ABA Model Rules, Rule 1.6(c) frames that duty around reasonable efforts to prevent unauthorized disclosure or access to client information. California firms hold a comparable duty through Rule 1.1’s competence requirement, Business and Professions Code section 6068(e), and Formal Opinion 2010-179 on technology. Different path. Same practical problem.

A firm whose attorneys generate passwords with ChatGPT would have a hard time explaining that as a reasonable credential-control practice. It is using a tool that produces predictable output, and doing so on accounts where predictability is the failure mode the standard is meant to prevent.

There is a second exposure worth naming. Your cyber liability renewal questionnaire will ask, in some form, how the firm manages credentials. If the honest answer is “the associates make them up themselves, sometimes with ChatGPT,” the carrier will price that, and probably not in your favor.

What to do instead

Use a password manager. Every reputable one has a built-in generator that produces genuinely random passwords, and they store them so nobody has to remember them.

For a firm, the value of a password manager is bigger than stronger passwords. It is shared vaults for matter-specific credentials so the team can access what they need without anyone emailing logins around. Cleaner offboarding when an associate or contract attorney leaves with active matters, so revoking access is one process instead of a hunt through browsers and sticky notes. Control over which paralegals have access to which client portals. Fewer passwords living in Outlook drafts, browser autofill, or the long-departed paralegal’s saved sessions. Those are the places real breaches start, and they are also the places opposing counsel will probe if a security failure gives them leverage.

1Password, Bitwarden, Dashlane, and Keeper all have business tiers that fit a firm in this audience. The cost is small compared to what one breached email account or one trust account compromise looks like on the malpractice side.

While you are at it, turn on multi-factor authentication everywhere it is offered. Think of MFA as a second lock on the account. If the password gets exposed, the attacker still needs another way in. A strong password is the floor. MFA is what stops most account takeovers when a password does leak, which over time it will.

The takeaway

AI is useful for a lot of firm work. Drafting, summarizing, document review with the right guardrails, client intake, deposition prep. Passwords are not on that list, and the convenience of asking a chat window for one is not worth what the firm gives up under the duty of confidentiality.

If you want help getting the firm onto a password manager, cleaning up shared matter access, and tightening credential controls before your next insurance renewal, we work with firms in exactly this situation. It is one of the highest-value cleanups a firm can do for the cost, and it is much easier to handle before an insurer, client, or regulator starts asking how the firm manages credentials.