Artificial Intelligence (AI) has the ability to decipher passwords by exploiting the acoustic side-channel attack, a technique that involves analyzing the distinct sound patterns generated by keyboard clicks. Each key produces a slightly different sound upon pressing, and by capturing and processing these sounds with AI algorithms, cybercriminals can deduce the entered password, compromising the associated account.
A study conducted by researchers from the Universities of London, Durham, and Surrey showcased this capability. They developed an AI system capable of extracting sensitive data by listening to keyboard sounds. The AI model exhibited a 93% accuracy rate in deciphering keystrokes when recorded through Zoom on a MacBook, rising to 95% accuracy when recorded with an iPhone 13 mini.
Beyond acoustic side-channel attacks, AI can also exploit brute force and dictionary attacks to crack passwords. In a brute force attack, AI automates the process of attempting various password combinations until the correct one is found, proving particularly effective against weak and short passwords with low entropy.
AI tools like PassGAN have been designed for password cracking. PassGAN, a machine learning-based AI password cracker, utilizes neural networks to streamline the analysis of passwords, demonstrating the ability to crack more than half of common passwords within 60 seconds.
To mitigate these threats, it is advisable to employ strong, unique passwords that are regularly changed. Adding an extra layer of security through multi-factor authentication is recommended. Password managers can assist in securely organizing passwords, and users should also be mindful of the sounds their keyboards produce when entering passwords, as these sounds may be susceptible to capture and analysis.