Researchers warn that current password-based security protections could deteriorate if hijackers start using artificial intelligence-assisted thermal imaging to determine passwords shortly after they are entered. Researchers at the University of Glasgow have unveiled a method to guess recently entered passwords on keyboards and phone screens with high accuracy by imaging the heat signature of users' fingers.
The technique's success rate varies with time, materials and password length, but could worsen a recent uptick in device thefts.
Thieves have recently begun stealing and breaking into phones and other devices by watching users enter their passwords in public places. Logging in with a victim's password is a straightforward way to overcome all the security measures that companies like Apple and Google have painstakingly put in place, and once someone steals and logs into their device, there's nothing the victim can do.
However, a successful identity theft requires the perpetrator to remember the password as they see it, or to record the victim as they enter it. The researchers' new method could give thieves a wider window into deciphering passwords after someone types them in.
If a person takes a picture of the screen or keyboard with a thermal camera within a minute of entering their password, the AI can reliably guess the sequence of key presses. The system, called ThermoScure, has a success rate of at least 62 percent, depending on the conditions.
Timing is of the essence, and ThermoSecure had an 86% success rate when analyzing photos taken within 20 seconds of entering a password. The success rate dropped to 76% at 30 seconds and to 62% after one minute.
Longer passwords reduce the effectiveness of the system to some extent. ThermoSecure can guess a 16-character password 67 percent of the time in images taken within 20 seconds of someone entering the password. The guess rate rose to 82% for 12-character passwords, 93% for 8-character passwords, and 100% for 6-character passwords. These results make any non-alphanumeric iPhone passcode a prime target for the system, as simple passcodes for the device can be up to six numbers.
As with keyboards, other factors such as typing style and materials can also affect ThermoSecure's accuracy. From a 30-second thermal signature image, the system could guess the passwords of touch-typists 80% of the time and the passwords of predatory users 92% of the time. Meanwhile, keys made of PBT plastic reduce the success rate to 14%, while ABS plastic only reduces it to about 50%. Backlit keyboards are also safer because they generate more heat and hide thermal fingerprints.
Identity thieves already have easy and cheap access to thermal cameras. While methods to combine them with AI-driven guesswork are not yet available, this study appears to prove the theory, giving users more reason to enact strong security measures. They should avoid entering passwords where others can see them and use other authentication methods, such as biometrics, where possible.
Previous article:How much does it cost to hack a Starlink satellite terminal? $25
Next article:Quantum lidar acquires 3D images underwater and is expected to be used in fields such as security and defense
- Popular Resources
- Popular amplifiers
- Mir T527 series core board, high-performance vehicle video surveillance, departmental standard all-in-one solution
- Akamai Expands Control Over Media Platforms with New Video Workflow Capabilities
- Tsinghua Unigroup launches the world's first open architecture security chip E450R, which has obtained the National Security Level 2 Certification
- Pickering exhibits a variety of modular signal switches and simulation solutions at the Defense Electronics Show
- Parker Hannifin Launches Service Master COMPACT Measuring Device for Field Monitoring and Diagnostics
- Connection and distance: A new trend in security cameras - Wi-Fi HaLow brings longer transmission distance and lower power consumption
- Smartway made a strong appearance at the 2023 CPSE Expo with a number of blockbuster products
- Dual-wheel drive, Intellifusion launches 12TOPS edge vision SoC
- Toyota receives Japanese administrative guidance due to information leakage case involving 2.41 million pieces of user data
- LED chemical incompatibility test to see which chemicals LEDs can be used with
- Application of ARM9 hardware coprocessor on WinCE embedded motherboard
- What are the key points for selecting rotor flowmeter?
- LM317 high power charger circuit
- A brief analysis of Embest's application and development of embedded medical devices
- Single-phase RC protection circuit
- stm32 PVD programmable voltage monitor
- Introduction and measurement of edge trigger and level trigger of 51 single chip microcomputer
- Improved design of Linux system software shell protection technology
- What to do if the ABB robot protection device stops
- CGD and Qorvo to jointly revolutionize motor control solutions
- CGD and Qorvo to jointly revolutionize motor control solutions
- Keysight Technologies FieldFox handheld analyzer with VDI spread spectrum module to achieve millimeter wave analysis function
- Infineon's PASCO2V15 XENSIV PAS CO2 5V Sensor Now Available at Mouser for Accurate CO2 Level Measurement
- Advanced gameplay, Harting takes your PCB board connection to a new level!
- Advanced gameplay, Harting takes your PCB board connection to a new level!
- A new chapter in Great Wall Motors R&D: solid-state battery technology leads the future
- Naxin Micro provides full-scenario GaN driver IC solutions
- Interpreting Huawei’s new solid-state battery patent, will it challenge CATL in 2030?
- Are pure electric/plug-in hybrid vehicles going crazy? A Chinese company has launched the world's first -40℃ dischargeable hybrid battery that is not afraid of cold
- [ART-Pi Review] Part 3: Serial terminal and msh component of RTT Studio project
- DLP6500 light crafter uses USB synchronous trigger signal to play the next picture
- [Raspberry Pi Pico Review] Thonny software builds compilation environment + LED flashing
- A fully digital phase-locked loop design under large frequency deviation and low signal-to-noise ratio conditions
- [Bluesight AB32VG1 RISC-V board "meets" RTT] Run it first
- Qinheng PD sink protocol chip CH224K test, rant & alternative play
- Introduction to the application fields of crystal oscillator frequency
- I always get range check error when I import DDB files with AD09
- EEWORLD University Hall----Live Replay: TI takes you to experience the interconnected and efficient smart home solution
- Thank you all for your help. Thank you very much.