Hackers can crack phone passwords in seconds using body heat, new research finds

Criminals may have a way of breaking into our computers and phones, no matter how careful we are with protecting our passwords, new research has found.

Experts have warned that heat-detecting cameras can track our passwords up to a minute after we type them in by following the heat from our fingertips.

The research conducted by the University of Glasgow used artificial intelligence to find that around 86% of passwords were cracked when thermal images were taken of the keyboard around 20 seconds after someone typed their password in.

READ MORE: Passwords to stop working on iPhone for millions of users next month in push for Face ID

Within 30 seconds, 76% of passwords were cracked and while success rate dropped to 62% after 60 seconds it could still track passwords using heat.

What is a thermal attack on passwords?

Thermal attacks may occur after people type their passwords on a keyboard or their smartphone screen, leaving their device unprotected against heat-detecting systems.

Any passers-by equipped with a thermal camera can take a picture of your device and trace the heat signature of where fingers have touched the device, with areas appearing brighter the more recently it has been touched.

By measuring the intensity of the warmer areas, researchers found that people can even find out specific letters or symbols that make up a password and use it themselves to hack into your device.

The University of Glasgow researchers warned that with thermal cameras becoming more affordable "it's very likely that people around the world are developing systems in order to steal passwords."

How to prevent criminals from accessing our passwords?

If your passwords are shorter, it's much easier for people to use thermal attacks to hack into your device.

According to research, six-symbol passwords were guessed correctly in 100% of attempts, while eight-symbol ones had success rates of 93% and twelve-symbol passwords were guessed right up to 82% of the time.

So, longer passwords of at least 16 characters are recommended wherever possiblel.

Your typing speed is also important as those who type slowly tend to leave their fingers on the keys for longer, creating heat signatures which last longer than faster touch-typists.

Users can make their devices more secure by adopting alternative authentication methods like facial recognition, multi-factor authentication or biometrics to mitigate risks of thermal attack.


  • Japan begins testing self-driving AI vending machine that has a 'mind of its own'
  • Cafe chain offers free coffees and pastries to apologise for 'spying' on customers
  • 'Leaked GTA 6 map' shows off huge Caribbean setting with surprise locations
  • Google worker sacked after claiming AI is sentient says firm's bot is 'pretty racist' too
  • Facebook to show users 'double' the amount of posts they didn't ask to see

Source: Read Full Article