Thermal imaging and AI can be used to crack passwords in seconds, study finds
Computer security experts in Scotland have developed a system that uses thermal imaging and artificial intelligence to guess computer and smartphone passwords in seconds.
"They say you need to think like a thief to catch a thief," Mohamed Khamis, an associate professor of computing science at the University of Glasgow, said in a news release. "We developed ThermoSecure by thinking carefully about how malicious actors might exploit thermal images to break into computers and smartphones."
Results of the research were published in a new study in the peer-reviewed journal ACM Transactions on Privacy and Security.
ThermoSecure essentially works by analyzing the traces of heat left by your fingertips when you enter your password on a keyboard or mobile device. Since brighter areas on a heat-sensing thermal image show places that were touched more recently, it is then possible to discern the order in which specific letters, numbers and symbols were used. To do so, Khamis and his team used machine learning and 1,500 thermal images of recently used QWERTY keyboards to train an artificial intelligence model to read heat signatures and then make informed decisions about potential passwords.
The system was able to reveal 86 per cent of passwords when a thermal image was taken within 20 seconds of typing. Within 30 seconds, the success rate fell to 76 per cent, while after 60 seconds it dropped to 62 per cent.
The team found that longer passwords offered more protection. Within 20 seconds, ThermoSecure could only crack 67 per cent of 16-character passwords, but its success rate climbed to 82 per cent for passwords with 12 symbols, 93 per cent for eight symbols and 100 per cent for six symbols.
Typing style had an impact as well. Slow-searching "hunt-and-peck" keyboard users tended to linger more on keys, creating longer-lasting heat signatures than speedy "touch-typists." After 30 seconds, ThermoSecure could guess the first groups' passwords with 92 per cent accuracy, versus 80 per cent for the faster group.
The heat-absorption properties of different keyboard materials even played a role. ThermoSecure could guess passwords from keys made with ABS plastics 52 per cent of the time, but only 14 per cent of the time when they were made with PBT plastics, which are less common.
With thermal imaging cameras becoming more affordable, and machine learning becoming more accessible, the team behind ThermoSecure suggests the types of 'thermal attacks" conducted for their study could become increasingly common. In addition to suggesting alternative digital authentication methods like fingerprint or facial recognition, they offer several tips for protecting your passwords.
"Longer passwords are more difficult for ThermoSecure to guess accurately, so we would advise usinglong passphrases wherever possible," Khamis explained."Backlit keyboards also produce more heat, making accurate thermal readings more challenging, so a backlit keyboard with PBT plastics could be inherently more secure."
CTVNews.ca Top Stories
Former PM Chretien says Liberal party must move back to 'radical centre'
As the Liberal party searches for a new leader, former prime minister Jean Chretien says it's time for the party to move back to the "radical centre" to help its electoral fortunes.
Are there U.S. military bases and American troops in Canada?
The U.S. military has more than 165,000 troops deployed in over 170 countries and territories, including Canada.
'Everything is on the table': Joly won't rule out cutting off energy exports to U.S. in face of Trump tariff threat
Foreign Affairs Minister Melanie Joly is not ruling out any countermeasures when it comes to dealing with U.S. president-elect Donald Trump — his threat of significant tariffs on Canadian imports, in particular.
New Canadian joins the navy, fulfilling his father's dream
Onboard a warship with 250 personnel, if you take the time to listen, you’ll discover a sea of inspiring stories.
Royal treasures hidden since Second World War recovered from cathedral
Historical treasures hidden for decades have been uncovered in the crypts of a cathedral, with items including burial crowns and insignia belonging to Medieval European rulers.
'Thankful for the rest of my life': Woman's final goodbye with father captured on video at Winnipeg airport
One woman is expressing her deepest gratitude to the Winnipeg Richardson International Airport after the staff helped her retrieve the security footage of her final moments with her father.
Los Angeles wildfires death toll rises as crews fight heavy winds to save homes and landmarks
The death toll from the wildfires ravaging the Los Angeles area rose to 16 as crews battled to cut off the spreading blazes before potentially strong winds return that could push the flames toward some of the city's most famous landmarks.
Delays, Trudeau resignation threaten Toronto-Quebec City high-frequency rail project
Canadians hoping plans for high-frequency rail between Toronto and Quebec City would move forward this year will instead see further delays — and the prospect of a federal election makes the timeline more uncertain than ever.
Justin Trudeau's own walk in the snow launched a historic week in federal politics
For those watching the 23rd prime minister announce his pending resignation as Liberal leader and prime minister on Monday, the contrast couldn't have seemed more stark. Trudeau delivered the news following his own walk in the snow to a podium outside Rideau Cottage — and after pages from his farewell speech blew away in the icy wind.
Local Spotlight
'I didn't want to go cold turkey:' Environment Canada's David Phillips on why he keeps working after retirement
When Environment Canada Senior Climatologist David Phillips retired this past September, he wasn’t quite ready to call it a career.
‘People are excited’: Portion of Rideau Canal Skateway opens for the first time this year
A section of the Rideau Canal Skateway has opened for the first time this winter.
Vancouver strip club's X account suspended over cheeky marquee message
The marquee at The Penthouse strip club in downtown Vancouver is known for its edgy comments on politics and pop culture.
'One-of-a-kind' fire-breathing dragon sculpture takes over Winnipeg yard
A Winnipeg sculptor’s latest creation could also double as a house guard.
'Really unique': Ice core drilled by U of M scientist could unlock climate history
A Manitoba researcher was part of a historic research team that uncovered the oldest ice core ever retrieved.
'Loving each other, building memories:' B.C. couple facing life-threatening illnesses cherishes every day
Hayley and Bill Atkinson’s love story begins that night he abruptly left in the middle of playing a card game with friends, and didn’t return for a long time.
Long live the King: N.B. tribute artist to honour Elvis' 90th birthday with special performance
Though it has been nearly five decades since Elvis' death, his music and influence continue to inspire fans around the world, including tribute artist Thane Dunn of Moncton, N.B.
4 generations on 1 lot: One family's creative response to B.C.'s housing crisis
A single lot in Delta, B.C., that used to be home to a single rancher built in the 80s is the site of four separate homes, housing four generations of the same family.
'Unacceptable': Removal of beaver dam in Manitoba community sends surge downstream
The removal of a beaver dam in a rural Manitoba community is having some unintended consequences, sending a small flood downstream, catching residents off-guard.