As if password authentication’s coffin needed any more nails, researchers in the UK have discovered yet another way to hammer one in. The technique, developed at Durham University, the University of Surrey, and Royal Holloway University of London, builds on previous work to produce a more accurate way to guess your password by listening to the sound of you typing it on your keyboard.
The slight differences in the sounds each key makes is an unintentional leak of information, known as a “side channel”. Computers typically have lots of side channels, such as noises, heat, and changes in electromagnetic emissions, which can be hoovered up and analysed by adversaries to learn more about what’s happening on the computer.
Source: Malwarebytes Labs