The world of cyber threats is rapidly evolving. New hacking methods are being created daily, each of them being better and scarier than the last. With so many existing methods, it’s just awful to think about what tomorrow will bring. The world needs to be alert and take the necessary precaution measures to remain safe on the internet.
Recent research conducted by researchers at Southern Methodist University has discovered that hackers can decipher passwords only by listening to the sounds of typing. Here’s a further explanation.
How Can Hackers Figure Out Passwords From the Sound of a Keyboard
The researchers have discovered that smartphones emit different soundwaves for each of the letters on a smartphone keyboard. Why is that an issue? Well, every smartphone device is equipped with a microphone, which is frequently on. If hackers were to access the microphone and listen to the sound of typing, they would be able to decipher the soundwaves and transform them into actual letters and numbers.
Here’s How the Process Went:
First, the researchers analyzed whether keyboard letters and numbers actually emit different signals and soundwaves. When they had discovered that that is, in fact, true, they went on to try and figure out different ways of decrypting this information. They quickly came up with a unique technique that can be used to figure out which sound is correspondent with which letter or number.
The researchers managed to accurately decode more than 41% of the data they analyzed. They also noted that that percentage could increase if they were to focus on the most commonly typed words.
However, people don’t only use the keyboard to type in passwords and login data. On the contrary, by using this method, hackers could potentially get their hands on sensitive email content, private messages, personal notes, credit card numbers, and other data.
To make things even worse, the method discovered by researchers was so effective that it could be used in crowded spaces where multiple people are using their keyboards simultaneously. Only one person who had their microphone hacked could hurt everyone that’s surrounding them.
How You Can Protect Your Devices
The problem with these types of hacks is the fact that they often go unnoticed. That’s why individuals should think about implementing specific precautionary measures to avoid this from happening. Here are the methods that users can implement to protect themselves from this exploit:
Use a Password Manager
Password managers are an excellent tool for preventing this type of hacking because they eliminate the need for typing in passwords. Password managers store all user passwords in one place, making it easy and convenient to enter into the system.
One of the most popular password managers is LastPass because it has some great security functions. But is LastPass secure enough?
The simple answer is yes, it is definitely secure enough. First, users will have to create a strong master password to access LastPass. The app requires passwords to be at least twelve characters long and include one uppercase letter, one lowercase letter, and at least one number and symbol. The master password is encrypted, so if users lose or forget the master pass, the app won’t be able to recover it. Luckily, that also means that if their database gets compromised, users’ passwords won’t be a part of that database.
Moreover, LastPass has integrated PBKDF2-SHA256, which is a password hashing algorithm that slows down brute-force attacks. That means that, once someone tries a lot of different passphrases, instead of being able to work millions of different combinations per second, they will only be limited to a couple of thousand guesses, making the process at least a hundred times slower.
An additional perk is that LastPass uses multi-factor authentication, meaning that the user will have to complete several verification processes before being able to access the app. Those can range from biometric features to email and SMS codes.
Always Check and Limit Your App Permissions
When installing different apps, users often click the allow button for everything to start using the app as soon as possible. What many aren’t aware of is the fact that many apps require unrelated permissions. For example, an exercise app can ask for permission to access your contacts, your microphone, or your camera, even though there’s no need for it.
Always make sure to carefully read each of the permissions and see what’s suitable and what’s not. Also, beware of which apps you download. Many of them seem like regular apps, while, in fact, they are just disguised malware. That’s why they ask for additional permissions, even though they aren’t required to run the app.
People must realize that almost all accounts are under constant attack by cybercriminals. The upside is that most of these attacks don’t go through due to various security measures implemented by service providers. Only one successful attack is enough to have your data stolen. This particular hack is a double-trouble because, not only the person who’s affected will suffer through the consequences, but they are putting the people around them at risk as well. Be cautious!