HomeWinBuzzer NewsStudy: ThermoSecure Shows Fingerprint Heat Can Potentially Help Hackers Crack Passwords

Study: ThermoSecure Shows Fingerprint Heat Can Potentially Help Hackers Crack Passwords

ThermoSecure is a new research system that can successfully crack user passwords in seconds by tracking heat signatures.

-

protect your personal and financial information online. There is nothing a threat actor wants more than access to your passwords. To get your credentials, attackers will try phishing campaigns, brute force attacks, or malware. However, researchers have found it is also possible to trace fingerprint heat to crack passwords.

A team of experts in Scotland has created a new system that tracks password entries using thermal imaging and AI. According to the team, the AI can crack passwords instantly using this method.

The team calls the system ThermoSecure. It is able to analyze heat traces left when a person inputs a password on a computer keyboard or touchscreen. Brighter spots show up on heat-sensing images, showing where the user last touched the keyboard/screen.

Attackers could then guess passwords based on the letter, numbers, and symbols that the user has touched. While the exact password will not be known, the threat actor could then use software to narrow down potential combinations to find the correct credential.

ThermoSecue-Keyboard-Heat-Tracking-Glasgow-University

Results

The team from the University of Glasgow and led by Dr. Mohamed Khamis used a machine-learning model to achieve the results. The AI learned using 1,500 thermal images from keyboard strokes to train.

ThermoSecure was able to crack 67% of passwords with 16 characters within 20 seconds. When the number of characters was reduced to 6 characters, the success rate w 100%. For 12 characters the hit rate was 82% and 93% for 8 characters.

Clearly, it is better to have a longer password than a shorter one. Typing style is important. Users who touch the keyboard for longer (“hunt-and-peck”) were cracked 92% of the time by ThermoSecure. Those who type faster (“touch-typists”) were cracked 80%.

Tip of the day: The Windows Sandbox gives /11 Pro and Enterprise users a safe space to run suspicious apps without risk. In out tutorial we show you how to enable the Windows Sandbox feature.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.