Technology

Hackers can now use your body heat to steal your passwords

While you type your password on your laptop or computer, you are also leaving heat traces that hackers can pick up and steal your password subsequently. Hackers make use of thermal imaging camera and then they scan your computer keyboard where you have typed your password.

Researchers at the University of California, Irvine UCI found out while conducting a research that key presses can be recovered within half a minute after the first key was pressed using the off-the-shelf solutions offered by FLIR cameras which are infrared and heat detecting. After a minute has passed, thermal scans can be used to obtain partial passwords.

The researchers found out that the thermal residue evaporates over time and there is a time before which thermal energy readings can be harvested from computer or laptops to recover the recently entered information.

Thirty users who are not experts were asked to guess the passwords based on thermal imaging scans. The users were able to guess passwords within 19.5 and 31 seconds after they were initially entered. While weak passwords such as football took half a minute for non-experts to obtain, as reported by TechRepublic.

So, the researchers came to a conclusion that by using forefingers to type, a user can leave a bigger fingerprint on each key which led to more heat trace left behind. This leads to the generation of more thermal noise. This made it tough to analyze heat traces using FLIR camera. While those that have acrylic fingernails are less prone to thermal attacks as they type with fingernails and therefore they leave almost no heat trace behind.

So, the findings suggest that thermal imaging attacks are realistic. If you need to keep your passwords safe while using computers in a public environment, you must use two-factor authentication. For this attack, an attacker needs to place a camera that has thermal recording features near the computer from where he intends to steal passwords. Furthermore, the research team believes that in order to get rid of passwords to secure user information, there must be an alternative to the use of passwords.

Researchers said,

“As formerly niche sensing devices become less and less expensive, new side-channel attacks move from ‘Mission: Impossible’ towards reality. This is especially true considering the constantly decreasing cost and increasing availability of high-quality thermal imagers.”

Sponsored
Ammara Saleem

I love to cover news about latest happenings in startup ecosystem and world of technology. I am obsessed with the use of Tech gadgets and always prefer to use them unless I have to make a choice between paperback and Kindle.

Share
Published by
Ammara Saleem

Recent Posts

Rs158 Billion Spent on Importing Mobile Phones to Pakistan in the Last Five Months

According to data from the Pakistan Bureau of Statistics (PBS), Pakistan imported mobile phones worth…

1 hour ago

EU Concerns Over Pakistan’s Military Court Sentences May Impact GSP+ Trade Benefits

The European Union (EU) has expressed concern over the recent convictions of 25 civilians by…

2 hours ago

SBP Announces December 25 as a Bank Holiday

The State Bank of Pakistan (SBP) has officially declared Wednesday, December 25, 2024, as a…

2 hours ago

Greentree Holdings Ltd Aims for 35% Stake in TRG Pakistan

AKD Securities, the manager of the offer, informed the main stock exchange on Monday that…

3 hours ago

PTV Faces Criticism Over Misleading Chemotherapy Statements

ISLAMABAD: On Pakistan Television (PTV), medical experts raised serious concerns over false information on chemotherapy…

3 hours ago

OpenAI Rolls Out Advanced Voice Mode for macOS ChatGPT App

OpenAI has introduced Advanced Voice Mode to ChatGPT's desktop applications for macOS apps, enabling users…

3 hours ago