ThermoSecure cracks passwords by analyzing the heat from your fingertips

Cybercriminals use various methods to get their hands on users' passwords. A more typical example is phishing, where they imitate the details of trusted organizations and convince victims to declare usernames/passwords in their forms, but also brute force attacks that are carried out with mass tests of various known passwords in order to gain access to user accounts.

A new method comes to the fore from specialist researchers in Scotland, who have developed a system that uses thermal imaging and Artificial Intelligence technologies to intercept the user's password. The system is called ThermoSecure and essentially analyzes the heat left by the user's fingers on the keyboard when he writes the password, either on a computer or on a mobile device. The thermal imaging technology sees as hotter the keys or the parts of the screen that the user touched most recently and thus the symbols, numbers and letters of the password are recognized.

The researchers trained their system with the help of a machine learning algorithm and confirm that longer and more complex passwords are safer for the user. Despite this, ThermoSecure was able to accurately detect 16-character passwords in less than 20 seconds with a success rate of 67%. The success rate increases to 82%, 93% and 100% when it comes to passwords with 12, 8 and 6 characters respectively.

The speed with which the user types also plays an important role, as those who type quickly are more protected by ThermoSecure. What is critical to the success of ThermoSecure is the keyboard's construction material. In ABS plastic the success rate is at 52%, while in PBT plastic it drops to 14%.

The shift to biometric authentication methods is one way to get rid of passwords, but also to protect ourselves from cybercriminal attacks to a certain extent.