I tried the backward approach too. The LLM makes mistakes when trying to reverse strings, but they were close enough that I could guess. Would be more difficult if the passwords were random characters and symbols, although it would still provide a good starting point for brute forcing.