Connect with us

News

Thermal Cameras and AI Can Be Used to Crack Passwords, New Study Warns

Published

on

thermal computer

A password may not be enough to protect a device from hackers. A new study has revealed how criminals can use thermal cameras to retrace the password an individual has typed into a smartphone, computer keyboard, or even an ATM.

Researchers from the University of Glasgow have shown how heat-detecting cameras can help crack passwords up to a minute after typing them. They published their findings in the journal ACM Transactions on Privacy and Security last month.

In the study, the computer scientists developed an artificial intelligence (AI) system called ThermoSecure that could retrace recently-typed passwords from the heat of a person’s fingertips. The thermal camera’s images of keyboards and screens can be analyzed by AI to correctly guess computer passwords in seconds.

Some 86 percent of passwords were cracked when thermal images were taken within 20 seconds of typing in the secret code and put through their ThermoSecure system, and 76 percent when within 30 seconds. Success dropped to 62 percent after 60 seconds of entry.

The scientists also found that within 20 seconds the system was capable of successfully attacking even long passwords of 16 characters, with a rate of up to 67 percent correct attempts.

As passwords grew shorter, success rates increased. Twelve-symbol passwords were guessed up to 82 percent of the time, eight-symbol passwords up to 93 percent of the time, and six-symbol passwords were successful in 100 percent of attempts.

With thermal imaging cameras costing less than $220 and AI becoming increasingly accessible, the researchers warned that criminals would likely exploit exploiting thermal images to break into computers and smartphones.

“Access to thermal–imaging cameras is more affordable than ever — they can be found for less than £200 ($220) — and machine learning is becoming increasingly accessible, too. That makes it very likely that people around the world are developing systems along similar lines to ThermoSecure in order to steal passwords,” explains Dr Mohamed Khamis who led the study with Norah Alotaibi and John Williamson.

Thermal Attacks

Thermal attacks can happen after an individual types out their password or passcode on their computer keyboard, smartphone screen or after keying in their pin at a cash point.

A thief could then use a thermal camera to take a picture and record the heat signature of where the individual touched the device. In the images captured by the heat-detecting cameras, areas appear more bright the more recently they were touched.

The warmer the area is, the more recently it was touched, allowing criminals to determine the possible order in which keys were used to try different combinations to crack the password.

By measuring the relative intensity of the warmer areas, researchers found, it was possible to determine the specific letters and numbers of symbols that make up the password and estimate the order in which they were used.

“It’s important that computer security research keeps pace with these developments to find new ways to mitigate risk, and we will continue to develop our technology to try to stay one step ahead of attackers,” explains Khamis.

Dr Khamis says longer passwords should be used wherever possible, with those more difficult to guess accurately. Meanwhile, the type of material keyboards are made from can affect their ability to absorb heat, with some plastics much more likely to retain a heat pattern than others.

“Backlit keyboards also produce more heat, making accurate thermal readings more challenging, so a backlit keyboard with PBT plastics could be inherently more secure,” he adds. “Finally, users can help make their devices and keyboards more secure by adopting alternative authentication methods, like fingerprint or facial recognition, which mitigate many of the risks of thermal attack.”


Image credits: Header photo licensed via Depositphotos.

Continue Reading

Recent News

Njord Partners Njord Partners
Business1 week ago

Espionage, Corruption, and Sanctions: The Dark Underbelly of Njord Partners

Njord Partners, a prominent asset management firm operating across Europe and the UK, has come under renewed scrutiny. The firm,...

Reverse Email Append Service Reverse Email Append Service
Business2 weeks ago

How to Choose the Best Reverse Email Append Service for Accurate Results

Choosing the right reverse email append service can feel overwhelming, especially when accuracy is a top priority. Whether you’re a...

Rare Carat Rare Carat
Fashion2 weeks ago

Can Rare Carat Help You Get the Best Value for Your Engagement Ring

Rare Carat most definitely helps and makes it easy for the customer to do just that. Rare Carat utilizes technology...

Synthetic Biology Synthetic Biology
Tech2 weeks ago

The Alchemy of Bioengineering: How Research Liquids are Revolutionizing Synthetic Biology

In synthetic biology, where science and engineering converge to create and manipulate life at the molecular level, research liquids play...

Buying Diamonds Buying Diamonds
Fashion3 weeks ago

What Should You Expect When Buying Diamonds at Rare Carat?

When buying diamonds, it’s necessary to know who the seller is and whether he/she is worth trusting. One of the...

Electric Generator Electric Generator
Tech3 weeks ago

The Best Compact Portable Electric Generator 2024

The UK portable solar charger market is booming, with projections showing a remarkable CAGR of 21.9% from 2023 to 2029[1]....

Cheapest Airline Cheapest Airline
Travel3 weeks ago

Top Tips for Finding the Cheapest Airline and Hotel Deals Online

In the digital age, booking flight ticket and hotel rooms online has become the norm. However, finding the best deals...

Hair Toppers Hair Toppers
Fashion4 weeks ago

The Secret to Effortless Style: Why Hair Toppers Are a Must-Have

Are you tired of waking up to your flat, lifeless hair? Well…you’ re not alone! Many women find that as the...

School Signage School Signage
Education4 weeks ago

Seamless Learning Environments: Enhancing Educational Spaces with School Signage and Digital Tools

In the past decade, technology has significantly altered the educational landscape. Traditionally, schools were places where learning was confined within...

Water Bill Water Bill
Home4 weeks ago

7 Simple Ways to Cut Your Water Bill and Save £200 a Year

New data reveals that water bills are rising, saving every penny counts in today’s living crisis sweeping across the UK....