Thursday, September 22, 2005

Cracking Passwords By Listening

Researchers from the University of California-Berkeley have been successfully identifying passwords and other text by recording the key strokes from a keyboard. By using $10 microphones, they can record the key stroke sounds and then run these sounds through software programs to create a transcript of the session. The first pass tries to guess which key has been pressed; the second time, the text is run through spelling/grammar checks; the third time, it is run through to refine the results. After three passes, the computer accurately predicted words 88% of the time and characters 96% of the time. Obviously textual documents are at risk with this method. However, this article points out that passwords are a very likely target. More experiments are being done on this topic. [from ZDNet]

No comments: