You can’t even imagine how vulnerable our personal information is. There are tons of methods that bad actors can use to steal what we are trying to protect by securing our accounts/devices. Not long ago, researchers at the University of Glasgow published a paper describing their ThermoSecure system for finding passwords and PINs. They use thermal cameras and AI to extract passwords from input devices such as keyboards, touchpads, and even touchscreens.
The main advantage of this method is that ThermoSecure is much more effective than many other approaches. The research article claims that in tests, “ThermoSecure attacks 6-character, 8-character, 12-character and 16-character passwords with an average accuracy of 92%, 80%, 71%, and 55%”. Taking thermal images within 30 seconds is even more accurate.
How Thermal Cameras Further The Cause
What hackers need is a thermal imaging camera. It can cost as little as $150. The system uses an object detection method based on Mask RCNN in the AI software. In simple terms, it translates the (thermal) image into keys. It also takes into account variables such as keyboard localisation over the course of three phases, followed by key entry and multi-press recognition. A special algorithm then determines the order in which the keys are pressed.
Gizchina News of the week
How To Protect Your Data From ThermoSecure
So what can we do to mitigate the threat from ThermoSecure?
The first recommendation is to use longer passwords. Also, if your typing is fast, the method won’t work well.
It’s important to consider how materials react when heated. It’s a concern if a hacker can copy anything you type in less than 30 seconds. ABS keycaps retain heat longer than PBT keycaps.
Backlit keyboards hide fingerprints from hand movements. So if you haven’t noticed this feature before, you will now.
There are many ways to protect your data and passwords lose them all. So it’s better to use other methods, such as biometrics.