Researchers warn of new way hackers can access your passwords
INDIANAPOLIS (WISH) – Having a passcode on your mobile phone may be giving you a false sense of security. Research out of Syracuse University showed with a 3-4 second video, hackers can guess your password and then access your personal information.
It’s like lip-reading, according to Syracuse Professor Vir Phoha, who co-authored the paper on the technology. Without even seeing the screen of your phone, Phoha said it’s relatively easy to determine which keys are pressed.
The researchers used off-the-shelf recording devices including a cell phone and a Sony camcorder. They shot the video from 12 to 15 feet away, a distance that would be easily accessible in a bar, bus, or shopping mall. Phoha said within 30 minutes, his team had nearly 100-percent accuracy in guessing someone’s pin. Once that information is in hand, it can be dangerous because so many of us are creatures of habit.
“If I use a pin, I will reuse it for many other things. If I have a password, I may reuse the password, despite variations, in many other places. So it actually reduces it’s security or makes it very easy to guess the password, even if the password is different on a different application,” Phoha said via Skype.
Phoha does not believe hackers are using this technology yet, but it would be simple to adopt. Then it could be used to figure out PINS punched into ATM’s, garage door openers, and other gadgets.
If you’re looking for ways to protect yourself, researchers said it’s tougher to detect pins when people type them with two fingers and full keyboard passwords are also much more difficult. Also, keep your phone out of site when entering pins or passwords.
If your smart phone has fingerprint technology, put it to use. Meanwhile, Phoha says many tech giants are working on other countermeasures to protect you, including keypads that jumble the 10-digits available for passcodes, or moving the keyboard to different parts of the screen randomly.
“I am thinking that maybe within two, three, four years, what may become common is behavior biometrics. The way you walk, the way you talk, they all give a unique signature of an individual,” Phoha said.