Technology

Hackers can now use your body heat to steal your passwords

While you type your password on your laptop or computer, you are also leaving heat traces that hackers can pick up and steal your password subsequently. Hackers make use of thermal imaging camera and then they scan your computer keyboard where you have typed your password.

Researchers at the University of California, Irvine UCI found out while conducting a research that key presses can be recovered within half a minute after the first key was pressed using the off-the-shelf solutions offered by FLIR cameras which are infrared and heat detecting. After a minute has passed, thermal scans can be used to obtain partial passwords.

The researchers found out that the thermal residue evaporates over time and there is a time before which thermal energy readings can be harvested from computer or laptops to recover the recently entered information.

Thirty users who are not experts were asked to guess the passwords based on thermal imaging scans. The users were able to guess passwords within 19.5 and 31 seconds after they were initially entered. While weak passwords such as football took half a minute for non-experts to obtain, as reported by TechRepublic.

So, the researchers came to a conclusion that by using forefingers to type, a user can leave a bigger fingerprint on each key which led to more heat trace left behind. This leads to the generation of more thermal noise. This made it tough to analyze heat traces using FLIR camera. While those that have acrylic fingernails are less prone to thermal attacks as they type with fingernails and therefore they leave almost no heat trace behind.

So, the findings suggest that thermal imaging attacks are realistic. If you need to keep your passwords safe while using computers in a public environment, you must use two-factor authentication. For this attack, an attacker needs to place a camera that has thermal recording features near the computer from where he intends to steal passwords. Furthermore, the research team believes that in order to get rid of passwords to secure user information, there must be an alternative to the use of passwords.

Researchers said,

“As formerly niche sensing devices become less and less expensive, new side-channel attacks move from ‘Mission: Impossible’ towards reality. This is especially true considering the constantly decreasing cost and increasing availability of high-quality thermal imagers.”

Sponsored
Ammara Saleem

I love to cover news about latest happenings in startup ecosystem and world of technology. I am obsessed with the use of Tech gadgets and always prefer to use them unless I have to make a choice between paperback and Kindle.

Leave a Comment
Share
Published by
Ammara Saleem

Recent Posts

Microsoft Launches AI-Powered “Support Virtual Agent” for Xbox Users

Microsoft has launched its AI-powered “Support Virtual Agent” chatbot for Xbox Insiders in the U.S.,…

4 hours ago

Musk Says Tesla Won’t Enter Smartphone Market Unless Necessary

Android Authority recently polled its users to find out if they would purchase a Tesla…

5 hours ago

Sukkur IBA Sets Seven Conditions for Conducting MDCAT

The Secretary of the Sukkur IBA Testing Agency has formally requested urgent action from the…

5 hours ago

PSEB Opens Bidding for Nationwide e-Rozgar Centers

The Pakistan Software Export Board (PSEB) has launched a nationwide program to encourage IT startups…

6 hours ago

Google Play Services Bug Disrupts Access to Apps for Pixel Users: Here’s How to Fix It

A significant issue with Google Play Services has left many Pixel users unable to access…

6 hours ago

WhatsApp Beta Partners with Google for Innovative Image Search Feature

When it comes to Android messaging apps, WhatsApp stands out as one of the best.…

6 hours ago