Protecting yourself online just got even harder, as a new study found that hackers can steal your password simply by analyzing your shoulder movements in video calls when typing in your password.
Online security is a perpetually evolving world of hacks and breaches that can be pretty hard to navigate, particularly for those unfamiliar with everyday best practices. From ransomware to phishing scams, the modern internet is a minefield of traps and hacks that could see your personal information sold to the highest bidder.
To make matters worse, hackers are coming up with new ways to gain access to your accounts every day, and the innovations are getting pretty wild, particularly considering the information from this new study.
Zoom on the Keystrokes
A new study from researchers out of the University of Oklahoma and the University of Texas — titled Zoom on the Keystrokes: Exploiting Video Calls for Keystroke Inference Attacks — found that, yes, it is possible to capture what users are typing by analyzing shoulder movements in video calls.
How accurate could they possibly be though, right? Well, according to the study, the software was between 75% and 93% accurate at guessing what users were typing, which is certainly accurate enough to be concerning for security experts and everyday video chat users alike.
“From a high-level perspective, this is a concern, which obviously has been overlooked for a while,” Murtuza Jadliwala, University of Texas assistant professor of computer science, says to Fast Company.
With the notable rise of video chat usage since the pandemic, this is much more than a concern. Millions of users log in to these software everyday for work meetings and social gatherings, and this innovative new security flaw has the potential to be a seriously problem for users down the road.
Is my password at risk?
While this study certainly points to a problematic future for video conferencing software and security experts down the road, the current reality is that your personal password is probably safe.
As researchers pointed out, this study was conducted in a decidedly controlled environment, which turned out to be a large factor in the accuracy of the results. When conducted in an uncontrolled environment, accuracy numbers dropped as low as 20%, which is hardly as concerning as previously stated.
Additionally, researchers also pointed out that the results were only achievable when people used one of the top one million most common passwords. For users with complicated or randomly generated passphrases, the numbers dropped even more, which means that taking your online security seriously can almost entirely eliminate this risk.
One of your best bets for completely mitigating any risk of falling victim to this new hack is to install a password manager. These handy tools will not only help you ensure you have a secure password, but will also completely remove typing from your password-input process. After all, you can’t read shoulders to hack a password if you don’t have to type it in at all.
Is video conferencing software safe?
There has been a lot of talk of video chat security, particularly given the troublesome time Zoom had at the start of the pandemic with managing hacks, breaches, and “Zoom bombs.” After hearing about a study like this one, it’s more than reasonable to ask whether or not using these platforms is safe and secure for all users.
Fortunately, the vast majority of web conferencing software is more than secure enough for everyday use. From heavy-duty encryption protocols to specific security features, there is very little risk of a security breach when it comes to using video chat on a daily basis.
Now, if you’re specifically worried about Zoom due to its previous problems, have no fear. The company has made an impassioned commitment to improving the security of the platform since its troubles in March 2020, leading to it becoming one of the only video conferencing solutions offering end-t0-end encryption for all users.
If you’re looking for a video conferencing solution now, take a look at some of the providers below to get the best idea about what these platforms offer.
Original post: https://tech.co/news/ai-guess-password-shoulders