Some hackers use phishing to impersonate a trusted organization and send fraudulent emails, texts, or messages to steal login credentials. Others use phishing to steal personal information, which involves using trial-and-error to determine the user''s password. But did you know that heat can be also used to crack passwords?
Researchers in Scotland have developed a technology called ThermoSecure, which is capable of analyzing the traces of heat left by a person''s fingertips when they enter their password on a computer keyboard or mobile device. This technique permits users to guess the order of used letters, numbers, and symbols.
Dr. Mohamed Khamis, an associate professor at the University of Glasgow, used machine learning and 1,500 thermal images of recently used keyboards to develop an AI model to read heat signatures and study probable password combinations.
Longer passwords are more secure, according to ThermoSecure, which reduced 67 percent of 16-character passwords within 20 seconds. The system improved by shorter passwords, with a success rate of 82%, 93%, and 100% for 12-, 8-, and 6-character passwords.
ThermoSecure was 92 percent successful in estimating the first group''s password, although it was only 80% successful with the latter.
A study found that ThermoSecure was successful in correcting passwords from ABS plastics. However, when it came to PBT plastic keys, the system was only 14% successful.
ThermoSecure''s team believes that thermal imaging password attacks will become more widespread soon, owing to the fact that thermal imaging cameras are becoming more affordable and machine learning is becoming more accessible. Using alternative authentication methods such as fingerprints and facial recognition is an option.