Criminals could be able to work out your passwords simply by listening to the sound of typing, new security research has claimed.
A new report has warned that hackers can use a smartphone's microphone to tune in to a victim's typing habits and decode passwords with high levels of accuracy.
The detection could be completed in a matter of seconds, and can even be carried out in noisy or crowded public spaces.
- These are the best password managers
- Firmware security has barely improved over last decade
- Formjacking attacks target customers at checkout
The news was revealed by researchers at Southern Methodist University in Texas, who found that smartphones can pick up the sound waves produced when users type on a computer keyboard.
When processed, these acoustic signals can be analysed to allow anyone with the right tools to decipher which keys were struck and in what order. In their experiments, the researchers were able to decode nearly half of what was being typed by using commonly-used keyboards and smartphones, even in noisy environments where multiple people were talking and typing.
Overall, the team were able to work out what was being typed at 41 percent accuracy, a rate that they said could be improved if they looked to focus on the top 10 most commonly typed words.
"We were looking at security holes that might exist when you have these 'always-on' sensing devices - that being your smartphone," study co-author Professor Eric Larson said.
"We wanted to understand if what you're typing on your laptop, or any keyboard for that matter, could be sensed by just those mobile phones that are sitting on the same table. The answer was a definite yes."
"A successful interception of this sort could potentially be very scary because there's no way to know if you're being hacked this way."
- Best Android antivirus apps of 2019