AI Can Crack Your Password by Listening to Keyboard Clicks

  • A new study reveals that AI can now crack passwords by listening to keyboard clicks, achieving up to 95% accuracy. This unexpected discovery highlights a fresh cybersecurity threat and underscores the importance of auditory privacy. The research team also provided strategies to mitigate this risk, shedding light on an evolving challenge in the technology landscape.

The next time you type your password, you may want to ensure no one is listening. A groundbreaking study shows that Artificial Intelligence (AI) can now identify passwords based on the sound of keyboard clicks. This alarming discovery has opened a new dimension of cybersecurity concerns.

While concerns about “shoulder surfing” or over-the-shoulder attacks have been prevalent, the focus has now shifted to acoustic side-channel attacks. Such attacks interpret externally gathered information from a device, like the sound of keyboard clicks, to decode what has been typed. This could potentially allow attackers to infiltrate personal accounts using the acquired information.

The new study reveals that acoustic side-channel attacks present a more significant threat than ever before. Researchers from Durham University, the University of Surrey, and Royal Holloway University of London collaborated on this experiment, aiming to understand the potential risks associated with keyboard clicks.

The researchers conducted the experiment using a MacBook Pro 16-inch (2021) with 16 GB of memory and the Apple M1 Pro processor. They recorded keyboard clicks on both an iPhone 13 Mini, positioned 17cm away on a microfiber cloth, and using Zoom’s built-in recording function on the laptop.

After collecting the keystroke sound dataset, the team trained a deep learning model to identify the keys based on the sounds. The test results were startling, with the model showing a 95% accuracy rate from the phone recording and a 93% accuracy rate from the Zoom recording.

Despite the concerning accuracy rates, the study’s authors also identified ways to mitigate such attacks. Suggestions include varying typing styles, using a randomized password with different cases, utilizing the shift key, and playing background sounds near the microphone during video calls.

This discovery has put the spotlight on the need for innovative cybersecurity measures and a rethink of current practices. With the rise of remote work and online communication, the implications of this study could be far-reaching. Both individuals and organizations must now consider auditory privacy and take proactive steps to protect sensitive information.

The research not only demonstrates the growing capabilities of AI but also underscores the evolving challenges in cybersecurity. As technology continues to advance, the strategies for protection must adapt accordingly. The findings from this study may well prompt new approaches to password security and a reevaluation of the ways we interact with our devices.