Before typing a pin number of password on a public computer, make sure to wear gloves, or else the ThermoSecure system may be able to guess it based on the heat left from your fingertips. Computer security experts from the University of Glasgow developed this system to show how thermal imaging cameras can be used by nefarious actors to steal passwords on a computer keyboard, smartphone / tablet, or an ATM keypad.
The brighter sections on a thermal image show the more recently touched keys, thus by measuring the relative intensity of the warmer areas, it’s possible to determine the specific letters, numbers or symbols that make up the password and estimate the order in which they were used. From there, a thief can try various combinations to crack a password. ThermoSecure was able to decode 86% of passwords when thermal images were captured within 20-seconds, 76% in 30-seconds. and 62% after a minute.
- Powerful Productivity: 11th Generation Intel Core i3-1115G4 Dual Core processor delivers unmatched speed and intelligence, enabling impressive...
- Visibly Stunning: Experience sharp details and crisp colors on the 15.6" Full HD IPS display with 82.58% screen-to-body, 16:9 aspect ratio and narrow...
- Ergonomic Typing: Ergonomically-designed hinge lifts the keyboard for comfortable typing, improved cooling, and a better sound experience
Access to thermal imaging cameras is more affordable than ever – they can be found for less than £200 – and machine learning is becoming increasingly accessible too. That makes it very likely that people around the world are developing systems along similar lines to ThermoSecure in order to steal passwords. It’s important that computer security research keeps pace with these developments to find new ways to mitigate risk, and we will continue to develop our technology to try to stay one step ahead of attackers,” said Dr Khamis, of the University of Glasgow’s School of Computing Science.
