Connect with us

News

Thermal Cameras and AI Can Be Used to Crack Passwords, New Study Warns

Published

on

thermal computer

A password may not be enough to protect a device from hackers. A new study has revealed how criminals can use thermal cameras to retrace the password an individual has typed into a smartphone, computer keyboard, or even an ATM.

Researchers from the University of Glasgow have shown how heat-detecting cameras can help crack passwords up to a minute after typing them. They published their findings in the journal ACM Transactions on Privacy and Security last month.

In the study, the computer scientists developed an artificial intelligence (AI) system called ThermoSecure that could retrace recently-typed passwords from the heat of a person’s fingertips. The thermal camera’s images of keyboards and screens can be analyzed by AI to correctly guess computer passwords in seconds.

Some 86 percent of passwords were cracked when thermal images were taken within 20 seconds of typing in the secret code and put through their ThermoSecure system, and 76 percent when within 30 seconds. Success dropped to 62 percent after 60 seconds of entry.

The scientists also found that within 20 seconds the system was capable of successfully attacking even long passwords of 16 characters, with a rate of up to 67 percent correct attempts.

As passwords grew shorter, success rates increased. Twelve-symbol passwords were guessed up to 82 percent of the time, eight-symbol passwords up to 93 percent of the time, and six-symbol passwords were successful in 100 percent of attempts.

With thermal imaging cameras costing less than $220 and AI becoming increasingly accessible, the researchers warned that criminals would likely exploit exploiting thermal images to break into computers and smartphones.

“Access to thermal–imaging cameras is more affordable than ever — they can be found for less than £200 ($220) — and machine learning is becoming increasingly accessible, too. That makes it very likely that people around the world are developing systems along similar lines to ThermoSecure in order to steal passwords,” explains Dr Mohamed Khamis who led the study with Norah Alotaibi and John Williamson.

Thermal Attacks

Thermal attacks can happen after an individual types out their password or passcode on their computer keyboard, smartphone screen or after keying in their pin at a cash point.

A thief could then use a thermal camera to take a picture and record the heat signature of where the individual touched the device. In the images captured by the heat-detecting cameras, areas appear more bright the more recently they were touched.

The warmer the area is, the more recently it was touched, allowing criminals to determine the possible order in which keys were used to try different combinations to crack the password.

By measuring the relative intensity of the warmer areas, researchers found, it was possible to determine the specific letters and numbers of symbols that make up the password and estimate the order in which they were used.

“It’s important that computer security research keeps pace with these developments to find new ways to mitigate risk, and we will continue to develop our technology to try to stay one step ahead of attackers,” explains Khamis.

Dr Khamis says longer passwords should be used wherever possible, with those more difficult to guess accurately. Meanwhile, the type of material keyboards are made from can affect their ability to absorb heat, with some plastics much more likely to retain a heat pattern than others.

“Backlit keyboards also produce more heat, making accurate thermal readings more challenging, so a backlit keyboard with PBT plastics could be inherently more secure,” he adds. “Finally, users can help make their devices and keyboards more secure by adopting alternative authentication methods, like fingerprint or facial recognition, which mitigate many of the risks of thermal attack.”


Image credits: Header photo licensed via Depositphotos.

Continue Reading

Recent News

Exhibition Game Exhibition Game
How to1 day ago

How to Choose the Ideal Exhibition Game for Your Event

Hosting an event involves a multitude of decisions, from the venue to the catering, but one aspect that can make...

Boiler Boiler
Guide3 days ago

When Is the Best Time to Replace a Boiler?

A boiler is a workhorse that works around the clock. It provides heat and warm water whenever needed. While horses...

Grammar Grammar
Tech3 days ago

Grammar Checkers Unleashed: Enhancing Writing Precision and Efficiency

In the present computerized age, the ascent of simulated intelligence innovation has presented new difficulties in regards to the genuineness...

Crypto Staking Crypto Staking
Crypto1 week ago

Is it Possible To Make Money On Crypto Staking in 2024?

In the modern world, cryptocurrencies and blockchain technologies are becoming increasingly popular, attracting the attention of investors and users from...

Lake Como Lake Como
Wedding1 week ago

How to Choose the Right Location for a Marriage Proposal in Italy and Lake Como

Proposing marriage is a unique and memorable moment in a couple’s life. Choosing the right location is crucial to creating...

Personal Injury Lawyer Personal Injury Lawyer
Law2 weeks ago

Finding the Best Personal Injury Lawyer in Lumberton, NC

Personal injury law is designed to protect individuals who have been harmed due to the negligence or wrongful actions of...

WhatsApp Business WhatsApp Business
Business2 weeks ago

Running WhatsApp Business with Pro+VPS for Android Emulator

WhatsApp Business is one of the most powerful tool for Business to manage customers communication. Running it can enhance the...

Civil Partnership Visa Civil Partnership Visa
Finance2 weeks ago

Civil Partnership Visa vs Spouse Visa: Which One is Right for You

Choosing the right visa to join your partner in the UK can be confusing. Two common options are the Civil...

Crypto Crypto
Crypto2 weeks ago

Staked Crypto – A Step-by-Step Guide for Beginners

Ethereum staking has become an increasingly popular way for cryptocurrency holders to earn passive income through staking rewards. In this...

Ethereum Staking Ethereum Staking
Crypto2 weeks ago

Maximizing Ethereum Staking Rewards: Tips and Tricks

Are you looking to maximize the potential of your Ethereum holdings? Stake Ethereum using OkayCoin and take advantage of the...