A new discovery from researchers at the University of Glasgow has set the cybersecurity alarm bells ringing once again. Research shows that the passwords you type to unlock your phones or for the processing of transactions at an ATM can be easily detected by hackers. Researchers have warned the public to enable different security checks on their phones in order to avoid any significant loss. You would be astonished to know that the heat from your fingertips after you type the password can be easily detected by the thermal cameras within a period of one minute. And this is enough to give you an idea of how dangerous it could prove.
Coupled with this, the researchers tested the development through an AI-based thermal camera known as “ThermoSecure,” and it turned out that the device easily guessed the recently typed passwords. As per the statistics, around 86% of passwords were detected by the device within 20 seconds of use and 76% of the results were successful when tracing the passwords after 30 seconds of use. However, when deploying the system after 60 seconds of use, the success rate declined to about 62%. This shows that a shorter interval time contributes to a higher success rate.
Not to mention, there is another dimension to this technology. Although it has a good success rate in tracing long passwords, it has been reported that the thermal camera can guess shorter passwords more quickly in comparison. It should be noted that twelve-figured passwords have a success rate of 82%, eight-figured passwords contribute to a 93% success rate, and 100% efficiency is achieved in tracing out six-figured passwords.
In addition to this, Mohamed Khamis, of the Scottish university’s School of Computing Science, stated, “They say you need to think like a thief to catch a thief. We developed ThermoSecure by thinking carefully about how malicious actors might exploit thermal images to break into computers and smartphones.” He further said, “It was very likely that people around the world are developing systems along similar lines to ThermoSecure in order to steal passwords. It’s important that computer security research keeps pace with these developments to find new ways to mitigate risk, and we will continue to develop our technology to try to stay one step ahead of attackers. “
Also, the areas that you pressed recently will appear to be brighter as compared to those that you touched before. This could help the device in tracing out the correct patterns of the passwords. Furthermore, talking about the counter-security measures which could be beneficial for users, Dr. Khamis said, “Backlit keyboards also produce more heat, making accurate thermal readings more challenging, so a backlit keyboard with PBT plastics could be inherently more secure. Finally, users can help make their devices and keyboards more secure by adopting alternative authentication methods, like fingerprint or facial recognition, which mitigate many of the risks of a thermal attack.”